bibliography/main.bib

@misc{7cpua57,
 author = {{7-cpu}},
 title = {ARM Cortex-A57},
 url = {https://www.7-cpu.com/cpu/Cortex-A57.html},
 year = {2019}
}

@misc{7cpukaby,
 author = {{7-cpu}},
 title = {Intel Skylake},
 url = {https://www.7-cpu.com/cpu/Skylake.html},
 year = {2019}
}

@misc{7cpuZen,
 author = {{7-cpu}},
 title = {{AMD Zen}},
 url = {https://www.7-cpu.com/cpu/Zen.html},
 year = {2019}
}

@misc{a53_arch,
 author = {Wikichip},
 title = {{Cortex-A53 - Microarchitectures - ARM}},
 url = {https://en.wikichip.org/wiki/arm_holdings/microarchitectures/cortex-a53},
 year = {2012}
}

@inproceedings{Abadi2005CFI,
 author = {Abadi, Mart{\'\i}n and Budiu, Mihai and Erlingsson, Ulfar and Ligatti, Jay},
 booktitle = {{CCS}},
 title = {{Control-Flow Integrity}},
 year = {2005}
}

@misc{Abdallah2018stl,
 author = {Abdallah, Mohammad},
 month = {March},
 note = {US Patent 9,928,121},
 publisher = {Google Patents},
 title = {Method and system for implementing recovery from speculative forwarding miss-predictions/errors resulting from load store reordering and optimization},
 year = {2018}
}

@inproceedings{Abel2013measurement,
 author = {Abel, Andreas and Reineke, Jan},
 booktitle = {Real-Time and Embedded Technology and Applications Symposium (RTAS)},
 title = {{Measurement-based Modeling of the Cache Replacement Policy}},
 year = {2013}
}

@inproceedings{Abel2014PolicyRev,
 author = {Abel, Andreas and Reineke, Jan},
 booktitle = {International Symposium on Performance Analysis of Systems and Software (ISPASS)},
 title = {Reverse engineering of cache replacement policies in intel microprocessors and their evaluation},
 year = {2014}
}

@article{Abel2019nanobench,
 author = {Abel, Andreas and Reineke, Jan},
 journal = {arXiv:1911.03282},
 title = {{nanoBench: A Low-Overhead Tool for Running Microbenchmarks on x86 Systems}},
 year = {2019}
}

@inproceedings{Abel2019uops,
 author = {Abel, Andreas and Reineke, Jan},
 booktitle = {{ASPLOS}},
 title = {{uops.info: Characterizing Latency, Throughput, and Port Usage of Instructions on Intel Microarchitectures}},
 year = {2019}
}

@inproceedings{abel2019uops,
 author = {Abel, Andreas and Reineke, Jan},
 booktitle = {Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems},
 title = {uops. info: Characterizing latency, throughput, and port usage of instructions on intel microarchitectures},
 year = {2019}
}

@doctoralthesis{abel2020automatic,
 author = {Abel, Andreas},
 doi = {http://dx.doi.org/10.22028/D291-31299},
 title = {Automatic Generation of Models of Microarchitectures},
 year = {2020}
}

@inproceedings{Abel2020nanobench,
 author = {Abel, Andreas and Reineke, Jan},
 booktitle = {{ISPASS}},
 title = {{nanoBench: A Low-Overhead Tool for Running Microbenchmarks on x86 Systems}},
 year = {2020}
}

@inproceedings{abel2022uica,
 author = {Abel, Andreas and Reineke, Jan},
 booktitle = {ACM International Conference on Supercomputing},
 title = {{uiCA}: Accurate throughput prediction of basic blocks on recent Intel microarchitectures},
 year = {2022}
}

@article{Abhishta2017,
 author = {Abhishta and Reinoud Joosten and Nieuwenhuis, {Lambert J.M.}},
 booktitle = {JoWUA},
 title = {Comparing Alternatives to Measure the Impact of DDoS Attack Announcements on Target Stock Prices},
 year = {2017}
}

@misc{Abramson1996,
 author = {Abramson, Jeffery M. and Akkary, Haitham and Glew, Andrew F. and Hinton, Glenn J. and Konigsfeld, Kris G. and Madland, Paul D. and Papworth, David B. and Fetterman, Michael A.},
 month = {February},
 note = {US Patent 5,717,882},
 publisher = {Google Patents},
 title = {{Method and apparatus for dispatching and executing a load operation to memory}},
 year = {1998}
}

@misc{Abramson1998specload,
 author = {Abramson, Jeffrey M and Papworth, David B and Akkary, Haitham H and Glew, Andrew F and Hinton, Glenn J and Konigsfeld, Kris G and Madland, Paul D},
 month = {May},
 note = {US Patent 5,751,983},
 publisher = {Google Patents},
 title = {Out-of-order processor with a memory subsystem which handles speculatively dispatched load operations},
 year = {1998}
}

@misc{Abramson1999block,
 author = {Abramson, Jeffery M and Akkary, Haitham and Glew, Andrew F and Hinton, Glenn J and Konigsfeld, Kris G and Madland, Paul D},
 month = {March},
 note = {US Patent 5,881,262},
 publisher = {Google Patents},
 title = {Method and apparatus for blocking execution of and storing load operations during their execution},
 year = {1999}
}

@misc{abramson2002method,
 author = {Abramson, Jeffery M and Akkary, Haitham and Glew, Andrew F and Hinton, Glenn J and Konigsfeld, Kris G and Madland, Paul D},
 howpublished = {US Patent 6,378,062},
 month = {April},
 title = {Method and apparatus for performing a store operation},
 year = {2002}
}

@inproceedings{Acar2013fpdetective,
 author = {Acar, Gunes and Juarez, Marc and Nikiforakis, Nick and Diaz, Claudia and G{\"u}rses, Seda and Piessens, Frank and Preneel, Bart},
 booktitle = {{CCS}},
 title = {{FPDetective: dusting the web for fingerprinters}},
 year = {2013}
}

@inproceedings{acar2014web,
 author = {Acar, Gunes and Eubank, Christian and Englehardt, Steven and Juarez, Marc and Narayanan, Arvind and Diaz, Claudia},
 booktitle = {CCS},
 title = {The web never forgets: Persistent tracking mechanisms in the wild},
 year = {2014}
}

@inproceedings{Aciccmez2009microarchitectural,
 author = {Acıi\c{c}mez, Onur and Ko{\c{c}}, Cetin Kaya},
 booktitle = {Cryptographic Engineering},
 title = {{Microarchitectural attacks and countermeasures}},
 year = {2009}
}

@article{Acicmez2007a,
 author = {Ac\i{}i\c{c}mez, Onur and Seifert, Jean-Pierre and Ko\c{c}, \c{C}etin Kaya},
 journal = {IEEE Security \& Privacy},
 number = {4},
 pages = {62--64},
 title = {{Micro-Architectural Cryptanalysis}},
 volume = {5},
 year = {2007}
}

@inproceedings{Acicmez2007new,
 author = {Ac\i{}i\c{c}mez, Onur and Gueron, Shay and Seifert, Jean-pierre},
 booktitle = {Proceedings of the 11th IMA International Conference on Cryptography and Coding},
 title = {{New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures}},
 year = {2007}
}

@article{Aciicmez2006a,
 author = {Ac\i{}i\c{c}mez, Onur and Ko\c{c}, \c{C}etin Kaya},
 journal = {IACR Cryptology ePrint Archive},
 title = {{Trace-Driven Cache Attacks on AES}},
 url = {http://eprint.iacr.org/2006/138},
 year = {2006}
}

@inproceedings{Aciicmez2006short,
 author = {Ac\i{}i\c{c}mez, Onur and Ko\c{c}, \c{C}etin Kaya},
 booktitle = {International Conference on Information and Communications Security},
 title = {{Trace-Driven Cache Attacks on AES (Short Paper)}},
 year = {2006}
}

@phdthesis{Aciicmez2007a,
 author = {Ac\i{}i\c{c}mez, Onur},
 institution = {Oregon State University},
 title = {{Advances in Side-Channel Cryptanalysis: MicroArchitectural Attacks}},
 year = {2007}
}

@inproceedings{Aciicmez2007c,
 author = {Acıi\c{c}mez, Onur and Seifert, Jean-Pierre},
 booktitle = {FDTC},
 title = {{Cheap Hardware Parallelism Implies Cheap Security}},
 year = {2007}
}

@inproceedings{Aciicmez2007d,
 author = {{Acccmez, Onur and Schindler, Werner and Koc, Cetin K.}},
 booktitle = {CT-RSA},
 title = {Cache Based Remote Timing Attack on the AES},
 year = {2006}
}

@inproceedings{Aciicmez2007e,
 author = {Ac\i{}i\c{c}mez, Onur and Ko\c{c}, \c{C}etin Kaya and Seifert, Jean-pierre},
 booktitle = {AsiaCCS},
 title = {{On the Power of Simple Branch Prediction Analysis}},
 year = {2007}
}

@inproceedings{Aciicmez2007icache,
 author = {Acıi\c{c}mez, Onur},
 booktitle = {{ASPLOS}},
 title = {{Yet Another MicroArchitecutral Attack: Exploiting I-cache}},
 year = {2007}
}

@inproceedings{Aciicmez2007predicting,
 author = {Acıi\c{c}mez, Onur and Seifert, Jean-Pierre and Ko\c{c}, \c{C}etin Kaya},
 booktitle = {CT-RSA},
 title = {{Predicting secret keys via branch prediction}},
 year = {2007}
}

@inproceedings{Aciicmez2007yet,
 author = {Acıi\c{c}mez, Onur},
 booktitle = {CSAW},
 title = {{Yet Another MicroArchitectural Attack: Exploiting I-cache}},
 year = {2007}
}

@incollection{Aciicmez2008,
 author = {Ac{\i{}}i\c{c}mez, Onur and Schindler, Werner},
 booktitle = {CT-RSA 2008},
 title = {{A Vulnerability in RSA Implementations Due to Instruction Cache Analysis and Its Demonstration on OpenSSL}},
 year = {2008}
}

@inproceedings{Aciicmez2010,
 author = {Ac\i{}i\c{c}mez, Onur and Brumley, Billy Bob and Grabher, Philipp},
 booktitle = {CHES},
 title = {{New Results on Instruction Cache Attacks}},
 year = {2010}
}

@misc{ACPIspec,
 author = {{Unified Extensible Firmware Interface (UEFI) Forum}},
 title = {{Advanced Configuration and Power Interface (ACPI) Specification, Version 6.3}},
 year = {2019}
}

@article{Adams2006,
 author = {Adams, Keith and Agesen, Ole},
 journal = {ACM SIGOPS Operating Systems Review},
 location = {New York, New York, USA},
 number = {3},
 publisher = {ACM Press},
 title = {{A comparison of software and hardware techniques for x86 virtualization}},
 volume = {40},
 year = {2006}
}

@misc{Adamski2018,
 author = {Alexandre Adamski},
 month = {August},
 no-note = {Retrieved on November 9, 2018},
 no-url = {https://blog.quarkslab.com/overview-of-intel-sgx-part-2-sgx-externals.html},
 title = {{Overview of Intel SGX - Part 2, SGX Externals}},
 year = {2018}
}

@misc{Adobe2004PDF,
 author = {Adobe},
 title = {{Adobe PDF Library Overview}},
 url = {https://web.archive.org/web/20150923212758/http://www.datalogics.com/pdf/doc/Version6.1/PDFLOverview.pdf},
 year = {2004}
}

@misc{Adobe2024OpentypeFeatures,
 author = {{Adobe}},
 note = {Retrieved 2024-04-24},
 title = {{Syntax for OpenType features in CSS}},
 url = {https://helpx.adobe.com/fonts/using/open-type-syntax.html},
 year = {2024}
}

@misc{aes-js,
 author = {Richard Moore},
 title = {{aes-js: A pure JavaScript implementation of the AES block cipher}},
 url = {https://github.com/ricmoo/aes-js},
 year = {2018}
}

@misc{AES_standard,
 author = {{NIST}},
 title = {{FIPS} 197, Advanced Encryption Standard ({AES})},
 year = {2001}
}

@inproceedings{Afek2007,
 author = {Afek, Jonathan and Sharabani, Adi},
 booktitle = {Black Hat Briefings},
 title = {{Dangling pointer: Smashing the pointer for fun and profit}},
 year = {2007}
}

@inproceedings{Aga2017,
 author = {Aga, Misiker Tadesse and Aweke, Zelalem Birhanu and Austin, Todd},
 booktitle = {{HOST}},
 title = {{When good protections go bad: Exploiting anti-{DoS} measures to accelerate {Rowhammer} attacks}},
 year = {2017}
}

@inproceedings{aga2019invisipage,
 author = {Aga, Shaizeen and Narayanasamy, Satish},
 booktitle = {International Symposium on Computer
Architecture},
 title = {InvisiPage: oblivious demand paging for secure enclaves},
 year = {2019}
}

@inproceedings{agadakos2019nibbler,
 author = {Agadakos, Ioannis and Jin, Di and Williams-King, David and Kemerlis, Vasileios P and Portokalidis, Georgios},
 booktitle = {ACSAC},
 title = {Nibbler: debloating binary shared libraries},
 year = {2019}
}

@inproceedings{Agarwal2022Helping,
 author = {Agarwal, Shubham},
 booktitle = {CCS},
 title = {Helping or Hindering? How Browser Extensions Undermine Security},
 year = {2022}
}

@inproceedings{Agarwal2022spook,
 author = {Agarwal, Ayush and O’Connell, Sioli and Kim, Jason and Yehezkel, Shaked and Genkin, Daniel and Ronen, Eyal and Yarom, Yuval},
 journal = {{S\&P}},
 title = {Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution},
 year = {2022}
}

@article{Agesen2010,
 author = {Agesen, Ole and Garthwaite, Alex and Sheldon, Jeffrey and Subrahmanyam, Pratap},
 journal = {ACM SIGOPS Operating Systems Review},
 number = {4},
 pages = {3--18},
 title = {{The Evolution of an x86 Virtual Machine Monitor}},
 volume = {44},
 year = {2010}
}

@inproceedings{Agosto2019,
 author = {Agosto, Giselle and Banerjee, Anuja},
 publisher = {Grace Hopper Celebration},
 title = {{Post-Silicon Chip Validation: Where the Silicon Meets the Road}},
 year = {2019}
}

@inproceedings{Agten2012,
 author = {Agten, Pieter and Van Acker, Steven and Brondsema, Yoran and Phung, Phu H and Desmet, Lieven and Piessens, Frank},
 booktitle = {{Proceedings of the 28th Annual Computer Security Applications Conference}},
 title = {{JSand: complete client-side sandboxing of third-party JavaScript without browser modifications}},
 year = {2012}
}

@article{ahmad2020real,
 author = {Ahmad, Bilal Ali},
 journal = {arXiv preprint arXiv:2006.01442},
 title = {Real time detection of spectre and meltdown attacks using machine learning},
 year = {2020}
}

@article{Ahmad2022academic,
 author = {Ahmad, Sayed Fayaz and Alam, Muhammad Mansoor and Rahmat, Mohd Khairil and Mubarik, Muhammad Shujaat and Hyder, Syed Irfan},
 journal = {Sustainability},
 number = {3},
 title = {Academic and administrative role of artificial intelligence in education},
 volume = {14},
 year = {2022}
}

@article{Ahmadi2021Side,
 author = {Ahmadi, Mahya Morid and Khalid, Faiq and Shafique, Muhammad},
 journal = {arXiv preprint},
 title = {Side-channel attacks on RISC-V processors: Current progress, challenges, and opportunities},
 year = {2021}
}

@inproceedings{Aichinger2015hpec,
 author = {Aichinger, Barbara},
 booktitle = {{HPEC}},
 title = {{DDR memory errors caused by Row Hammer}},
 year = {2015}
}

@inproceedings{Aichinger2015memcon,
 author = {Aichinger, Barbara},
 booktitle = {{memcon}},
 title = {{Row Hammer Failures in DDR Memory}},
 year = {2015}
}

@article{Ainsworth2019,
 author = {Ainsworth, Sam and Jones, Timothy M},
 journal = {arXiv:1911.08384},
 title = {{MuonTrap: Preventing Cross-Domain Spectre-Like Attacks by Capturing Speculative State}},
 year = {2019}
}

@misc{Akdemir2010Breakthrough,
 author = {Kahraman D. Akdemir and Martin G. Dixon and Wajdi K. Feghali and Patrick G Fay, et al.},
 title = {{Breakthrough AES Performance with Intel{\textregistered} AES New Instructions}},
 url = {https://www.intel.com/content/dam/develop/external/us/en/documents/10tb24-breakthrough-aes-performance-with-intel-aes-new-instructions-final-secure.pdf},
 year = {2010}
}

@inproceedings{akishita2003zero,
 author = {Akishita, Toru and Takagi, Tsuyoshi},
 booktitle = {ISC},
 title = {Zero-value point attacks on elliptic curve cryptosystem},
 year = {2003}
}

@misc{Akkary1997,
 author = {Akkary, Haitham},
 month = {December},
 note = {US Patent US6,463,522B1},
 publisher = {Google Patents},
 title = {{Memory system for ordering load and store instructions in a processor that performs multithread execution}},
 year = {1997}
}

@article{Akyildiz2019,
 author = {Akyildiz, Taha Atahan and Guzgeren, Can Berk and Yilmaz, Cemal and Savas, Erkay},
 journal = {Cryptology ePrint Archive, Report 2019/613},
 title = {{MeltdownDetector: A Runtime Approach for Detecting Meltdown Attacks}},
 year = {2019}
}

@article{Akyildiz2020,
 author = {Akyildiz, Taha Atahan and Guzgeren, Can Berk and Yilmaz, Cemal and Savas, Erkay},
 journal = {Future Generation Computer Systems},
 title = {MeltdownDetector: A runtime approach for detecting meltdown attacks},
 year = {2020}
}

@inproceedings{Al2017analysis,
 author = {Al Sardy, Loui and Tang, Tong and Spisl{\"a}nder, Marc and Saglietti, Francesca},
 booktitle = {{International Conference on Computer Safety, Reliability, and Security}},
 title = {{Analysis of Potential Code Vulnerabilities Involving Overlapping Instructions}},
 year = {2017}
}

@inproceedings{Alaca2016,
 author = {Alaca, Furkan and van Oorschot, Paul C.},
 booktitle = {{ACSAC}},
 title = {Device Fingerprinting for Augmenting Web Authentication: Classification and Analysis of Methods},
 year = {2016}
}

@inproceedings{Aldaya2018,
 author = {Aldaya, Alejandro Cabrera and Brumley, Billy Bob and ul Hassan, Sohaib and Garc{\'{i}}a, Cesar Pereida and Tuveri, Nicola},
 booktitle = {{S\&P}},
 title = {{Port Contention for Fun and Profit}},
 year = {2018}
}

@inproceedings{aldaya2019port,
 author = {Aldaya, Alejandro Cabrera and Brumley, Billy Bob and ul Hassan, Sohaib and Garc{\'\i}a, Cesar Pereida and Tuveri, Nicola},
 booktitle = {{S\&P}},
 title = {Port contention for fun and profit},
 year = {2019}
}

@article{Aldaya2020,
 author = {Alejandro Cabrera Aldaya and Billy Bob Brumley},
 journal = {{IACR Cryptology ePrint Archive}},
 title = {{When one vulnerable primitive turns viral: Novel single-trace attacks on ECDSA and RSA}},
 url = {https://eprint.iacr.org/2020/055},
 year = {2020}
}

@inproceedings{Aldaya2020coordinates,
 author = {Cabrera Aldaya, Alejandro and Pereida García, Cesar and Brumley, Billy Bob},
 booktitle = {{CHES}},
 title = {{From A to Z: Projective coordinates leakage in the wild}},
 year = {2020}
}

@inproceedings{Aldaya2022hyperdegrade,
 author = {Aldaya, Alejandro Cabrera and Brumley, Billy Bob},
 booktitle = {USENIX Security Symposium},
 title = {{HyperDegrade: From GHz to MHz Effective CPU Frequencies}},
 year = {2022}
}

@inproceedings{Alder2019,
 author = {Alder, Fritz and Asokan, N and Kurnikov, Arseny and Paverd, Andrew and Steiner, Michael},
 booktitle = {Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop},
 title = {{S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX}},
 year = {2019}
}

@inproceedings{alder2024pandora,
 author = {Alder, Fritz and Daniel, Lesly-Ann and Oswald, David and Piessens, Frank and Van Bulck, Jo},
 booktitle = {S\&P},
 title = {Pandora: Principled symbolic validation of Intel SGX enclave runtimes},
 year = {2024}
}

@misc{Alexa2015,
 author = {{Alexa Internet, Inc.}},
 month = {March},
 title = {{The top 500 sites on the web}},
 url = {http://www.alexa.com/topsites},
 year = {2015}
}

@misc{Alexa2016,
 author = {{Alexa Internet, Inc.}},
 month = {December},
 title = {{The top 500 sites on the web}},
 url = {http://www.alexa.com/topsites},
 year = {2016}
}

@inproceedings{Allaf2019,
 author = {Allaf, Zirak and Adda, Mo and Gegov, Alexander},
 booktitle = {International Conference on Cyber Security and Protection of Digital Services (Cyber Security)},
 title = {{TrapMP: malicious process detection by utilising program phase detection}},
 year = {2019}
}

@inproceedings{Allan2016,
 author = {Allan, Thomas and Brumley, Billy Bob and Falkner, Katrina and Van de Pol, Joop and Yarom, Yuval},
 booktitle = {ACSAC},
 title = {{Amplifying Side Channels Through Performance Degradation}},
 year = {2016}
}

@misc{Allombert2022DebianPopularityContest,
 author = {Bill Allombert},
 title = {{Debian Popularity Contest}},
 url = {https://popcon.debian.org/stable/by_vote},
 year = {2022}
}

@inproceedings{Almeida2016Verifying,
 author = {Almeida, Jos{\'e} Bacelar and Barbosa, Manuel and Barthe, Gilles and Dupressoir, Fran{\c{c}}ois and Emmi, Michael},
 booktitle = {{USENIX Security}},
 title = {Verifying $\{$Constant-Time$\}$ Implementations},
 year = {2016}
}

@inproceedings{almeida2017jasmin,
 author = {Almeida, Jos{\'e} Bacelar and Barbosa, Manuel and Barthe, Gilles and Blot, Arthur and Gr{\'e}goire, Benjamin and Laporte, Vincent and Oliveira, Tiago and Pacheco, Hugo and Schmidt, Benedikt and Strub, Pierre-Yves},
 booktitle = { ACM SIGSAC Conference on Computer and Communications Security},
 title = {Jasmin: High-assurance and high-speed cryptography},
 year = {2017}
}

@article{Altman1992,
 author = {Altman, N. S.},
 doi = {10.1080/00031305.1992.10475879},
 journal = {The American Statistician},
 number = {3},
 pages = {175-185},
 title = {An Introduction to Kernel and Nearest-Neighbor Nonparametric Regression},
 volume = {46},
 year = {1992}
}

@misc{Alves2004,
 author = {Alves, Tiago},
 title = {{TrustZone: Integrated Hardware and Software Security}},
 year = {2004}
}

@inproceedings{Alves2018dynamically,
 author = {Alves, Ricardo and Kaxiras, Stefanos and Black-Schaffer, David},
 booktitle = {International Conference on Computer Design (ICCD)},
 title = {Dynamically disabling way-prediction to reduce instruction replay},
 year = {2018}
}

@inproceedings{Aly2013attacking,
 author = {Aly, Hassan and ElGayyar, Mohammed},
 booktitle = {{International Conference on Cryptology in Africa}},
 title = {{Attacking aes using bernstein's attack on modern processors}},
 year = {2013}
}

@misc{Amazon2019Lambda,
 author = {{Amazon AWS}},
 title = {{AWS Lambda@Edge}},
 url = {https://aws.amazon.com/lambda/edge/},
 year = {2019}
}

@misc{amd-smt,
 author = {{AMD}},
 title = {{Technology Brief: AMD EPYC and SMT}},
 year = {2025}
}

@manual{AMD15h,
 author = {{Advanced Micro Devices Inc.}},
 month = {January},
 title = {{Software Optimization Guide for AMD Family 15h Processors}},
 year = {2014}
}

@manual{AMD17h,
 author = {{Advanced Micro Devices Inc.}},
 month = {June},
 title = {{Software Optimization Guide for AMD Family 177777ocessors}},
 year = {2017}
}

@manual{AMD17hRegisters,
 edition = {3.03},
 month = {7},
 organization = {Advanced Micro Devices Inc.},
 title = {{Open-Source Register Reference For AMD Family 17h Processors Models 00h-2Fh}},
 year = {2018}
}

@manual{AMD17hTemp,
 author = {{Advanced Micro Devices Inc.}},
 month = {June},
 title = {{Software Optimization Guide for AMD Family 17h Processors}},
 year = {2017}
}

@manual{AMD19h11hb1PPR,
 edition = {0.53},
 month = {5},
 organization = {Advanced Micro Devices Inc.},
 title = {{Processor Programming Reference (PPR) for AMD Family 19h Model 11h, Revision B1 Processors}},
 year = {2023}
}

@article{AMD2009,
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD I/O Virtualization Technology (IOMMU) Specification, rev 1.26}},
 year = {2009}
}

@misc{AMD2018_variant_3a,
 organization = {Advanced Micro Devices Inc.},
 title = {Spectre Mitigation Update},
 year = {2018}
}

@misc{AMD2021FPVI,
 author = {{AMD}},
 title = {{Speculative Code Store Bypass and Floating-Point Value Injection}},
 url = {https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1003.html},
 year = {2021}
}

@misc{AMD2021fpvi,
 author = {{AMD}},
 title = {{Speculative Code Store Bypass and Floating-Point Value Injection}},
 url = {https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1003.html},
 year = {2021}
}

@misc{AMD2023AMDSEV,
 author = {AMD},
 title = {{AMDSEV - Software for SEV on GitHub}},
 url = {https://github.com/AMDESE/AMDSEV},
 year = {2023}
}

@misc{AMD2023dss,
 author = {{AMD}},
 title = {{Speculative Leaks Security Notice - AMD-SB-7007}},
 url = {https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7007.html},
 year = {2023}
}

@misc{amd2023infinityfabric,
 organization = {AMD},
 title = {{AMD Infinity Architecture Technology}},
 url = {https://www.amd.com/en/technologies/infinity-architecture},
 year = {2023}
}

@misc{amd2023Invdsb3005,
 author = {AMD},
 title = {AMD INVD Instruction Security Vulnerability},
 url = {https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3005.html},
 year = {2023}
}

@misc{amd2023seves,
 organization = {AMD},
 title = {{Protecting VM Register State With SEV-ES}},
 url = {https://www.amd.com/system/files/TechDocs/Protecting%20VM%20Register%20State%20with%20SEV-ES.pdf},
 year = {2023}
}

@misc{amd2023sevsnp,
 organization = {AMD},
 title = {{AMD SEV-SNP: Strengthening VM Isolation with Integrity Protection and More}},
 url = {https://www.amd.com/system/files/TechDocs/SEV-SNP-strengthening-vm-isolation-with-integrity-protection-and-more.pdf},
 year = {2023}
}

@misc{AMD2023vol2,
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD64 Architecture Programmer's Manual}},
 volume = {Volume 2: System Programming},
 year = {2024}
}

@misc{amd2023zencore,
 organization = {AMD},
 title = {{AMD "ZEN" Core Architecture}},
 url = {https://www.amd.com/en/technologies/zen-core},
 year = {2023}
}

@misc{amd2025Prosec,
 author = {{AMD}},
 title = {{AMD PRO Technologies Security White Paper}},
 url = {https://www.amd.com/content/dam/amd/en/documents/products/processors/technologies/amd-pro-technologies-security-white-paper.pdf},
 year = {2025}
}

@misc{AMD64_manual,
 author = {{Advanced Micro Devices Inc.}},
 title = {{AMD64 Architecture Programmer's Manual}},
 year = {2017}
}

@misc{AMD64_vol1,
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD64 Architecture Programmer's Manual}},
 volume = {Volume 1: Application Programming},
 year = {2017}
}

@misc{AMD64_vol2,
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD64 Architecture Programmer's Manual}},
 volume = {Volume 2: System Programming},
 year = {2024}
}

@misc{AMD64_vol3,
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD64 Architecture Programmer's Manual}},
 volume = {Volume 3: General-Purpose and System Instructions},
 year = {2025}
}

@misc{AMD64_vol4,
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD64 Architecture Programmer's Manual}},
 volume = {Volume 4: 128-Bit and 256-Bit Media Instructions},
 year = {2017}
}

@misc{AMD64_vol5,
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD64 Architecture Programmer's Manual}},
 volume = {Volume 5: 64-Bit Media and x87 Floating-Point Instructions},
 year = {2016}
}

@misc{AMD_RAPL_Patch1,
 author = {{Naveen, Krishna Chatradhi}},
 title = {{hwmon: Add amd\_energy driver to report energy counters}},
 url = {https://patchwork.kernel.org/patch/11496005/},
 year = {2020}
}

@misc{AMD_RAPL_Patch2,
 author = {{Naveen, Krishna Chatradhi}},
 title = {{hwmon: amd\_energy: match for supported models}},
 url = {https://patchwork.kernel.org/patch/11646271/},
 year = {2020}
}

@manual{AMDbioskernelguide,
 author = {{Advanced Micro Devices Inc.}},
 title = {{BIOS and Kernel Developer's Guide (BKDG) for AMD Family 15h Models 00h-0Fh Processors}},
 year = {2013}
}

@misc{AMDEnergyDriverCommit,
 author = {Naveen Krishna Chatradhi},
 title = {{hwmon: Add amd{\_}energy driver to report energy counters}},
 url = {https://patchwork.kernel.org/patch/11496005/},
 year = {2020}
}

@misc{AMDEpycDataCenter,
 author = {{Advanced Micro Devices Inc.}},
 title = {2nd Gen AMD EPYC Processors Set New Standard for the Modern Datacenter with Record-Breaking Performance and Significant TCO Savings},
 year = {2019}
}

@misc{Amdfam15hpower,
 author = {Herrmann, Andreas},
 publisher = {{Linux Kernel Organization}},
 title = {{Kernel driver fam15h\_power: The Linux Kernel documentation}},
 url = {https://www.kernel.org/doc/html/v5.4-preprc-cpu/hwmon/fam15h\_power.html},
 year = {2019}
}

@misc{AMDOptimization,
 author = {{Advanced Micro Devices Inc.}},
 title = {{Software Optimization Guide for AMD Family 17h Processors}},
 year = {2017}
}

@misc{AMDRyzen,
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD Takes Computing to a New Horizon with Ryzen\texttrademark Processors}},
 url = {https://www.amd.com/en-us/press-releases/Pages/amd-takes-computing-2016dec13.aspx},
 year = {2016}
}

@misc{AMDSpecAnalysis,
 author = {{Advanced Micro Devices Inc.}},
 note = {Revison 7.10.18},
 title = {{Software Techniques for Managing Speculation on {AMD} Processors}},
 year = {2018}
}

@misc{AMDSpeculationBehavior,
 organization = {Advanced Micro Devices Inc.},
 title = {{Speculation Behavior in AMD Micro-Architectures}},
 year = {2019}
}

@misc{AMDspex_whitepaper,
 author = {AMD},
 title = {{Software techniques for managing speculation on AMD processors}},
 year = {2018}
}

@misc{AMDssbd_whitepaper,
 note = {Revision 5.21.18},
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD64 Technology: Speculative Store Bypass Disable}},
 year = {2018}
}

@manual{AmdUprof,
 edition = {3.2},
 organization = {Advanced Micro Devices Inc.},
 title = {{AMD uProf User Guide}},
 year = {2019}
}

@misc{Amini2010,
 author = {Amini, Pedram and Portnoy, A},
 title = {{Sulley fuzzing framework}},
 year = {2010}
}

@inproceedings{Amit2010,
 author = {Amit, Nadav and Ben-Yehuda, Muli and Yassour, Ben-ami},
 booktitle = {Proceedings of the 6th Annual Workshorp on the Interaction between Operating Systems and Computer Architecture (WIOSCA'10)},
 title = {{IOMMU: Strategies for Mitigating the IOTLB Bottleneck}},
 year = {2010}
}

@inproceedings{Amit2011,
 author = {Amit, Nadav and Ben-Yehuda, Muli and Tsafrir, Dan and Schuster, Assaf},
 booktitle = {Proceedings of the 2011 USENIX Annual Technical Conference (USENIX ATC'11)},
 title = {{vIOMMU: Efficient IOMMU Emulation}},
 year = {2011}
}

@inproceedings{Amit2019,
 author = {Amit, Nadav and Jacobs, Fred and Wei, Michael},
 booktitle = {USENIX ATC},
 title = {Jumpswitches: restoring the performance of indirect branches in the era of spectre},
 year = {2019}
}

@inproceedings{Amos2019,
 author = {Amos, Ben and Gilboa, Niv and Levy, Arbel},
 booktitle = {ACM/SIGAPP Symposium on Applied Computing},
 title = {Spectre without shared memory},
 year = {2019}
}

@misc{AmpereAltraTMLinuxKernelPortingGuide,
 author = {Ampere Computing},
 publisher = {{Github}},
 title = {{Ampere AltraTM Linux Kernel Porting Guide}},
 url = {https://github.com/AmpereComputing/ampere-centos-kernel/wiki/Ampere-AltraTM-Linux-Kernel-Porting-Guide},
 year = {2020}
}

@article{Anagnostopoulos2018Intrinsic,
 author = {Anagnostopoulos, Nikolaos Athanasios and Arul, Tolga and Fan, Yufan and Hatzfeld, Christian and Schaller, Andr{\'e} and Xiong, Wenjie and Jain, Manishkumar and Saleem, Muhammad Umair and Lotichius, Jan and Gabmeyer, Sebastian and others},
 booktitile = {{MDPI}},
 title = {Intrinsic run-time row hammer PUFs: Leveraging the row hammer effect for run-time cryptography and improved security},
 year = {2018}
}

@article{anagnostopoulos2018intrinsic,
 author = {Anagnostopoulos, Nikolaos Athanasios and Arul, Tolga and Fan, Yufan and Hatzfeld, Christian and Schaller, Andr{\'e} and Xiong, Wenjie and Jain, Manishkumar and Saleem, Muhammad Umair and Lotichius, Jan and Gabmeyer, Sebastian and others},
 journal = {Cryptography},
 title = {Intrinsic run-time row hammer PUFs: Leveraging the row hammer effect for run-time cryptography and improved security},
 year = {2018}
}

@phdthesis{Andersen1994points,
 author = {Andersen, Lars Ole},
 institution = {University of Copenhagen},
 month = {May},
 title = {{Program Analysis and Specialization for the C Programming Language}},
 year = {1994}
}

@inproceedings{andrianatrehina2025exploring,
 author = {Andrianatrehina, Herinomena and Lashermes, Ronan and Paturel, Joseph and Rokicki, Simon and Rubiano, Thomas},
 booktitle = {{International Conference on Availability, Reliability and Security (ARES)}},
 month = {August},
 title = {{Exploring speculation barriers for RISC-V selective speculation}},
 year = {2025}
}

@inproceedings{Andriesse2014instruction,
 author = {Andriesse, Dennis and Bos, Herbert},
 booktitle = {DIMVA},
 title = {Instruction-level steganography for covert trigger-based malware},
 year = {2014}
}

@misc{Android2015,
 author = {{Google Inc.}},
 month = {February},
 title = {{Android 4.4 platform optimizations}},
 url = {https://source.android.com/devices/tech/low-ram.html},
 year = {2015}
}

@misc{Android2017seccomp,
 author = {Google Inc.},
 month = {July},
 title = {{Seccomp filter in Android O}},
 url = {https://android-developers.googleblog.com/2017/07/seccomp-filter-in-android-o.html},
 year = {2017}
}

@misc{Android2019permission,
 author = {Google Inc.},
 month = {December},
 title = {{Permissions overview}},
 url = {https://developer.android.com/guide/topics/permissions/overview},
 year = {2019}
}

@inproceedings{Andrysco2015subnormal,
 author = {Andrysco, Marc and Kohlbrenner, David and Mowery, Keaton and Jhala, Ranjit and Lerner, Sorin and Shacham, Hovav},
 booktitle = {S\&P},
 title = {On subnormal floating point and abnormal timing},
 year = {2015}
}

@misc{angr,
 author = {{The angr Project contributors}},
 title = {{angr}},
 url = {https://github.com/angr/angr},
 year = {2024}
}

@misc{angr2024simprocedures,
 author = {{The angr Project contributors}},
 title = {{Hooks and SimProcedures}},
 url = {https://docs.angr.io/en/latest/extending-angr/simprocedures.html},
 year = {2024}
}

@misc{Anon2022TyproPreprint,
 author = {N.N.},
 note = {in review (under submission) at \textit{ACSAC '22}},
 title = {{TyPro: Forward CFI for C-Style Indirect Function Calls Using Type Propagation}},
 url = {https://anonymous.4open.science/r/Typro-Preprint/Typro-preprint.pdf},
 year = {2022}
}

@misc{ANSI1999,
 author = {ANSI Technical Committee and ISO/IEC JTC 1 Working Group and others},
 title = {{Rationale for international standard, Programming languages - C}},
 year = {1999}
}

@inproceedings{antonino2021guardian,
 author = {Antonino, Pedro and Woloszyn, Wojciech Aleksander and Roscoe, AW},
 booktitle = {CCSW},
 title = {Guardian: Symbolic validation of orderliness in SGX enclaves},
 year = {2021}
}

@inproceedings{Aoki2001Camellia,
 author = {Aoki, Kazumaro and Ichikawa, Tetsuya and Kanda, Masayuki and Matsui, Mitsuru and Moriai, Shiho and Nakajima, Junko and Tokita, Toshio},
 booktitle = {SAC},
 title = {Camellia: A 128-bit block cipher suitable for multiple platforms-design and analysis},
 year = {2001}
}

@inproceedings{aoki2001camellia,
 author = {Aoki, Kazumaro and Ichikawa, Tetsuya and Kanda, Masayuki and Matsui, Mitsuru and Moriai, Shiho and Nakajima, Junko and Tokita, Toshio},
 booktitle = {Selected Areas in Cryptography: 7th Annual International Workshop},
 title = {Camellia: A 128-bit block cipher suitable for multiple platforms—design andanalysis},
 year = {2001}
}

@misc{AospLkm2020,
 author = {Android Open Source Project},
 title = {Loadable Kernel Modules},
 url = {https://source.android.com/devices/architecture/kernel/loadable-kernel-modules},
 year = {2020}
}

@misc{AppFormix2017,
 author = {Juniper Networks},
 month = {October},
 title = {Optimize the Performance of Your Cloud Infrastructure},
 url = {https://www.juniper.net/assets/us/en/local/pdf/solutionbriefs/3510607-en.pdf},
 year = {2017}
}

@misc{Apple2018About,
 author = {{Apple Inc.}},
 title = {{About speculative execution vulnerabilities in ARM-based and Intel CPUs}},
 url = {https://support.apple.com/en-us/HT208394},
 year = {2018}
}

@misc{Apple2019filepermissions,
 author = {{Apple}},
 title = {{macOS Sierra: Set permissions for items on your Mac}},
 url = {https://support.apple.com/kb/PH25287},
 year = {2019}
}

@misc{Apple2020permission,
 author = {Apple Inc.},
 title = {{Requesting Access to Protected Resources}},
 url = {https://developer.apple.com/documentation/uikit/protecting_the_user_s_privacy/requesting_access_to_protected_resources},
 year = {2020}
}

@misc{Apple2023InputMonitoring,
 author = {{Apple}},
 title = {{Control access to input monitoring on Mac}},
 url = {https://support.apple.com/guide/mac-help/control-access-to-input-monitoring-on-mac-mchl4cedafb6/mac},
 year = {2023}
}

@misc{Apple2024alternative,
 author = {Apple},
 title = {{Using alternative browser engines in the European Union}},
 url = {{https://developer.apple.com/support/alternative-browser-engines/}},
 year = {2024}
}

@misc{Apple2024TrueTypeSpec,
 author = {{Apple}},
 note = {Retrieved 2024-04-24},
 title = {{TrueType Reference Manual}},
 url = {https://developer.apple.com/fonts/TrueType-Reference-Manual/},
 year = {2024}
}

@misc{Apple2024WKWebView,
 author = {Apple},
 title = {{WKWebView - Documentation}},
 url = {{https://developer.apple.com/documentation/webkit/wkwebview}},
 year = {2024}
}

@misc{APQ8064EMCDS,
 author = {Qualcomm Technologies, Inc.},
 title = {Qualcomm Snapdragon 600E Processor APQ8064E: Recommended Memory Controller and Device Settings},
 year = {2016}
}

@misc{ArchWiki2023udev,
 author = {{ArchWiki}},
 title = {{udev}},
 url = {https://wiki.archlinux.org/title/udev},
 year = {2023}
}

@inproceedings{Argyros2012,
 author = {Argyros, George and Kiayias, Aggelos},
 booktitle = {{USENIX Security Symposium}},
 title = {{I Forgot Your Password: Randomness Attacks Against PHP Applications.}},
 year = {2012}
}

@article{Argyroudis2012exploiting,
 author = {Argyroudis, Patroklos and Karamitas, Chariton},
 journal = {Blackhat USA},
 title = {{Exploiting the jemalloc memory allocator: Owning Firefox’s heap}},
 year = {2012}
}

@misc{ARM2005thumb,
 month = {December},
 note = {DDI 0308D},
 organization = {ARM Limited},
 title = {ARM Architecture Reference Manual, Thumb-2 Supplement},
 year = {2005}
}

@article{arm2009security,
 author = {ARM, A},
 journal = {ARM Limited},
 title = {{Security technology building a secure system using trustzone technology (white paper)}},
 year = {2009}
}

@misc{Arm2016validation,
 author = {{Arm}},
 title = {{System Validation at ARM: Enabling Our Partners to Build Better Systems}},
 url = {https://developer.arm.com/-/media/Arm Developer Community/PDF/System IP/System_Validation_at_ARM_Enabling_our_partners_to_build_better_systems.pdf?revision=a82b4e93-4118-4a3a-ba5f-70e38f6b4616&hash=88D9B7CF58BE13B124E43EE538D21F4D},
 year = {2016}
}

@misc{ARM2017specxml,
 author = {{Arm}},
 title = {{A-Profile Exploration tools}},
 url = {https://developer.arm.com/architectures/cpu-architecture/a-profile/exploration-tools},
 year = {2017}
}

@misc{Arm2018Synchronization,
 author = {{ARM}},
 publisher = {{ARM Limited}},
 title = {{ARMv8-A synchronization primitives}},
 year = {2018}
}

@misc{Arm2018TechnicalA76,
 author = {{ARM}},
 publisher = {{ARM Limited}},
 title = {{Arm Cortex‑A76 Core Technical Reference Manual}},
 year = {2018}
}

@misc{ARM2018Vulnerability,
 author = {{ARM}},
 title = {{Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism}},
 url = {https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability},
 year = {2018}
}

@misc{ARM2018Whitepaper,
 author = {{ARM}},
 title = {{ARM: Whitepaper Cache Speculation Side-channels}},
 url = {https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/download-the-whitepaper},
 year = {2018}
}

@misc{ARM2020PMU,
 author = {ARM},
 day = {23},
 howpublished = {[Online]. Available: \url{https://developer.arm.com/documentation/ihi0091/a-a}},
 month = {November},
 title = {Arm CoreSight Performance Monitoring Unit Architecture},
 year = {2020}
}

@misc{ARM2020SpectreBHB,
 author = {{Arm}},
 note = {Version 1.7},
 title = {{Spectre-BHB: Speculative Target Reuse Attacks}},
 url = {https://developer.arm.com/documentation/102898/latest/},
 year = {2020}
}

@misc{ARM2020straight,
 author = {{ARM}},
 note = {Version 1.0},
 title = {{Straight-line Speculation}},
 year = {2020}
}

@misc{arm2021dit,
 author = {ARM},
 title = {{DIT, Data Independent Timing}},
 url = {https://developer.arm.com/documentation/ddi0595/2021-06/AArch64-Registers/DIT--Data-Independent-Timing},
 year = {2021}
}

@misc{ARM2021DynamicPowerManagement,
 organization = {{ARM}},
 title = {Dynamic power management},
 url = {https://developer.arm.com/documentation/100095/0003/Functional-Description/Power-management/Dynamic-power-management},
 year = {2021}
}

@misc{ARM2021GenericTimer,
 author = {ARM},
 day = {25},
 howpublished = {[Online]. Available: \url{https://developer.arm.com/documentation/102379/0000/The-processor-timers}},
 month = {January},
 title = {Learn the architecture: Generic Timer},
 year = {2021}
}

@misc{ARM2022speculative,
 author = {{Arm}},
 title = {{Speculative Processor Vulnerability}},
 url = {https://developer.arm.com/Arm%20Security%20Center/Speculative%20Processor%20Vulnerability},
 year = {2022}
}

@misc{Arm2023ManualArmA,
 author = {{ARM}},
 title = {{Arm Architecture Reference Manual for A-profile architecture}},
 year = {2023}
}

@misc{arm_arch_a64,
 author = {{ARM Limited}},
 month = {Sep},
 title = {{ARM A64 Instruction Set Architecture}},
 year = {2018}
}

@book{arm_arch_manualv7,
 author = {{ARM Limited}},
 publisher = {{ARM Limited}},
 title = {ARM Architecture Reference Manual. ARMv7-A and ARMv7-R edition},
 year = {2012}
}

@book{arm_arch_manualv8,
 author = {{ARM}},
 publisher = {{ARM Limited}},
 title = {{ARM Architecture Reference Manual ARMv8}},
 year = {2013}
}

@article{ARM_GIC,
 author = {ARM},
 title = {{ARM Generic Interrupt Controller Architecture version 2.0}},
 year = {2013}
}

@misc{ARM_How_GIC,
 author = {ARM},
 title = {{Application Note 176 -- How a GIC works}},
 url = {http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dai0176c/ar01s03s02.html},
 year = {2007}
}

@misc{ARM_mbedTLS,
 author = {{ARM}},
 title = {{mbed TLS}},
 url = {https:///tls.mbed.org},
 year = {2020}
}

@article{Armbrust2010,
 author = {Armbrust, Michael and Stoica, Ion and Zaharia, Matei and Fox, Armando and Griffith, Rean and Joseph, Anthony D. and Katz, Randy H. and Konwinski, Andy and Lee, Gunho and Patterson, David and Rabkin, Ariel},
 journal = {Communications of the ACM},
 month = {April},
 number = {4},
 pages = {50},
 title = {{A view of cloud computing}},
 url = {http://portal.acm.org/citation.cfm?doid=1721654.1721672},
 volume = {53},
 year = {2010}
}

@misc{ARMCacheSlices,
 author = {{Arm Limited}},
 title = {{Cache slice and master port selection}},
 url = {https://developer.arm.com/documentation/100453/0300/functional-description/l3-cache/cache-slices-and-portions/cache-slice-and-master-port-selection?lang=en},
 year = {2024}
}

@misc{ARMCortexA53,
 author = {{ARM}},
 title = {{ARM Developer - Cortex-A53}},
 url = {https://developer.arm.com/ip-products/processors/cortex-a/cortex-a53},
 year = {2019}
}

@misc{ARMCortexR8,
 author = {{ARM Limited}},
 title = {{CPU CORTEX-R8}},
 url = {https://www.arm.com/products/silicon-ip-cpu/cortex-r/cortex-r8},
 year = {2009}
}

@misc{ArmCustomOpcodes,
 author = {Choquin, Lauranne and Piry, Fred},
 publisher = {Arm},
 title = {{Arm Custom Instructions for Armv8-M: Enabling Innovation and Greater Flexibility on Arm}},
 year = {2019}
}

@misc{ARMGuide2002realview,
 organization = {Advanced Micro Devices Inc.},
 title = {RealView{{\textregistered} Compilation Tools}},
 year = {2002}
}

@misc{ARMkpti,
 author = {ARM},
 title = {{AArch64 Linux kernel port (KPTI base)}},
 url = {https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/log/?h=kpti},
 year = {2018}
}

@misc{ARMSpecAnalysis,
 author = {{ARM Limited}},
 title = {{Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism}},
 year = {2018}
}

@misc{ARMSpecAnalysis_whitepaper,
 author = {{ARM}},
 note = {Version 2.5},
 title = {{Cache Speculation Side-channels}},
 year = {2020}
}

@misc{ARMSpectreLinuxv2Hardening,
 author = {Russel King},
 title = {{ARM: spectre-v2: harden branch predictor on context switches}},
 year = {2018}
}

@misc{ARMSpecVulnerabilityAnalysis,
 author = {{ARM Limited}},
 title = {{Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism}},
 year = {2018}
}

@misc{ARMWhitepaper,
 author = {{ARM}},
 title = {Cache Speculation Side-channels},
 url = {https://armkeil.blob.core.windows.net/developer/Files/pdf/Cache_Speculation_Side-channels_03May18.pdf},
 year = {2018}
}

@inproceedings{Arnaud2013,
 author = {Arnaud, Cyril and Fouque, Pierre-Alain},
 booktitle = {CT-RSA 2013},
 title = {{Timing attack against protected RSA-CRT implementation used in PolarSSL}},
 year = {2013}
}

@inproceedings{Arnautov2016,
 author = {Arnautov, Sergei and Trach, Bohdan and Gregor, Franz and Knauth, Thomas and Martin, Andre and Priebe, Christian and Lind, Joshua and Muthukumaran, Divya and O{$\textquoteright$}Keeffe, Dan and Stillwell, Mark L and others},
 booktitle = {OSDI},
 title = {{SCONE: Secure Linux Containers with Intel SGX}},
 year = {2016}
}

@article{Arnold2005,
 author = {Ken Arnold},
 journal = {ACM Queue},
 number = {5},
 title = {{Programmers are People, Too}},
 volume = {3},
 year = {2005}
}

@inproceedings{Arp2022mldonts,
 author = {Arp, Daniel and Quiring, Erwin and Pendlebury, Feargus and Warnecke, Alexander and Pierazzi, Fabio and Wressnegger, Christian and Cavallaro, Lorenzo and Rieck, Konrad},
 booktitle = {USENIX Security Symposium},
 title = {Dos and don'ts of machine learning in computer security},
 year = {2022}
}

@inproceedings{arshad2018large,
 author = {Arshad, Sajjad and Mirheidari, Seyed Ali and Lauinger, Tobias and Crispo, Bruno and Kirda, Engin and Robertson, William},
 booktitle = {{World Wide Web Conference (TheWebConf)}},
 title = {Large-scale analysis of style injection by relative path overwrite},
 year = {2018}
}

@phdthesis{arshad2020understanding,
 author = {Arshad, Sajjad},
 school = {Northeastern University, Boston},
 title = {{Understanding and Mitigating the Security Risks of Content Inclusion in Web Browsers}},
 year = {2020}
}

@misc{Arya2012fuzzing,
 author = {Arya, Abhishek and Neckar, Cris},
 title = {Fuzzing for security},
 url = {https://blog.chromium.org/2012/04/fuzzing-for-security.html},
 year = {2012}
}

@article{Arzt2014,
 author = {Arzt, Steven and Rasthofer, Siegfried and Fritz, Christian and Bodden, Eric and Bartel, Alexandre and Klein, Jacques and Le Traon, Yves and Octeau, Damien and McDaniel, Patrick},
 journal = {Acm Sigplan Notices},
 title = {{Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps}},
 year = {2014}
}

@article{asanovic2014instruction,
 author = {Asanovi{\'c}, Krste and Patterson, David A},
 journal = {University of California Berkeley},
 title = {{Instruction sets should be free: The case for risc-v}},
 year = {2014}
}

@article{asanovic2016rocket,
 author = {Asanovic, Krste and Avizienis, Rimas and Bachrach, Jonathan and Beamer, Scott and Biancolin, David and Celio, Christopher and Cook, Henry and Dabbelt, Daniel and Hauser, John and Izraelevitz, Adam and others},
 journal = {EECS Berkley},
 title = {{The rocket chip generator}},
 year = {2016}
}

@inproceedings{Aschermann2019redqueen,
 author = {Aschermann, Cornelius and Schumilo, Sergej and Blazytko, Tim and Gawlik, Robert and Holz, Thorsten},
 booktitle = {NDSS},
 title = {{REDQUEEN:} Fuzzing with Input-to-State Correspondence},
 year = {2019}
}

@inproceedings{Ashokkumar2016aes,
 author = {Ashokkumar, C and Giri, Ravi Prakash and Menezes, Bernard},
 booktitle = {EuroS\&P},
 title = {Highly efficient algorithms for AES key retrieval in cache access attacks},
 year = {2016}
}

@inproceedings{Ateniese2001,
 author = {Ateniese, Giuseppe and Mangard, Stefan},
 booktitle = {{CCS}},
 title = {{A new approach to DNS security (DNSSEC)}},
 year = {2001}
}

@inproceedings{Athanasiou2018Sidetrail,
 author = {Athanasiou, Konstantinos and Cook, Byron and Emmi, Michael and MacC{\'a}rthaigh, Colm and Schwartz-Narbonne, Daniel and Tasiran, Serdar},
 booktitle = {VSTTE},
 title = {Sidetrail: Verifying time-balancing of cryptosystems},
 year = {2018}
}

@misc{atkins1996rfc1991,
 author = {Atkins, Derek and Stallings, William and Zimmermann, Philip},
 title = {RFC1991: PGP message exchange formats},
 url = {https://datatracker.ietf.org/doc/html/rfc1991},
 year = {1996}
}

@inproceedings{Aumasson2016,
 author = {Aumasson, Jean-Philippe and Merino, Luis},
 booktitle = {Black Hat Briefings},
 no-url = {https://www.blackhat.com/docs/us-16/materials/us-16-Aumasson-SGX-Secure-Enclaves-In-Practice-Security-And-Crypto-Review-wp.pdf},
 title = {{SGX Secure Enclaves in Practice: Security and Crypto Review}},
 year = {2016}
}

@misc{Aumasson2023Cryptocoding,
 author = {Jean-Philippe Aumasson},
 title = {{Cryptocoding}},
 url = {{https://github.com/veorq/cryptocoding}},
 year = {2023}
}

@inproceedings{aumuller2002fault,
 author = {Aum{\"u}ller, Christian and Bier, Peter and Fischer, Wieland and Hofreiter, Peter and Seifert, Jean-Pierre},
 booktitle = {CHES},
 title = {{Fault attacks on RSA with CRT: Concrete results and practical countermeasures}},
 year = {2002}
}

@report{Auriemma2013,
 author = {Auriemma, Luigi and Ferrante, Donato},
 pages = {1--8},
 title = {{Owning render farms via NVIDIA Mental Ray}},
 type = {techreport},
 year = {2013}
}

@book{Austin1994,
 author = {Austin, Todd M and Breach, Scott E and Sohi, Gurindar S},
 number = {6},
 publisher = {ACM},
 title = {{Efficient detection of all pointer and array access errors}},
 volume = {29},
 year = {1994}
}

@inproceedings{Aviram2010,
 author = {Aviram, Amittai and Hu, Sen and Ford, Bryan and Gummadi, Ramakrishna},
 booktitle = {CCSW'10},
 pages = {103--108},
 title = {{Determinating timing channels in compute clouds}},
 year = {2010}
}

@inproceedings{Aviv2012,
 author = {Adam J. Aviv and Benjamin Sapp and Matt Blaze and Jonathan M. Smith},
 booktitle = {{ACSAC}},
 title = {{Practicality of accelerometer side channels on smartphones}},
 year = {2012}
}

@inproceedings{Awasthi2011,
 author = {Awasthi, Manu and Nellans, David W. and Balasubramonian, Rajeev and Davis, Al},
 booktitle = {PACT},
 title = {Prediction Based DRAM Row-Buffer Management in the Many-Core Era},
 year = {2011}
}

@article{Aweke2016,
 author = {Aweke, Zelalem Birhanu and Yitbarek, Salessawi Ferede and Qiao, Rui and Das, Reetuparna and Hicks, Matthew and Oren, Yossi and Austin, Todd},
 journal = {ACM SIGPLAN Notices},
 title = {{ANVIL: Software-based protection against next-generation Rowhammer attacks}},
 year = {2016}
}

@misc{aws2023sevsnp,
 organization = {Amazon Web Services},
 title = {{AMD SEV-SNP}},
 url = {https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html},
 year = {2023}
}

@misc{aws_lambda_edge,
 author = {{AWS Lambda@Edge}},
 url = {https://aws.amazon.com/lambda/edge/},
 year = {2019}
}

@book{axelson2007serial,
 author = {Axelson, Jan},
 publisher = {Lakeview Research LLC},
 title = {Serial Port Complete: The Developer's Guide},
 year = {2007}
}

@inproceedings{ayoub2021reproducing,
 author = {Ayoub, Pierre and Maurice, Cl{\'e}mentine},
 booktitle = {EuroSec},
 title = {{Reproducing spectre attack with gem5: How to do it right?}},
 year = {2021}
}

@inproceedings{Azab2014Hypervision,
 author = {Azab, Ahmed M and Ning, Peng and Shah, Jitesh and Chen, Quan and Bhutkar, Rohan and Ganesh, Guruprasad and Ma, Jia and Shen, Wenbo},
 booktitle = {{CCS}},
 title = {{Hypervision across worlds: Real-time kernel protection from the arm trustzone secure world}},
 year = {2014}
}

@inproceedings{azad2019debloating,
 author = {Azad, Babak Amin and Laperdrix, Pierre and Nikiforakis, Nick},
 booktitle = {{USENIX} Security Symposium},
 month = {August},
 title = {Less is More: Quantifying the Security Benefits of Debloating Web Applications},
 year = {2019}
}

@article{azarderakhsh2017supersingular,
 author = {Azarderakhsh, Reza and Campagna, Matthew and Costello, Craig and Feo, Luca De and Hess, Basil and Jalali, Amir and Jao, David and Koziel, Brian and LaMacchia, Brian and Longa, Patrick and others},
 journal = {Submission to the NIST Post-Quantum Standardization project},
 title = {Supersingular isogeny key encapsulation},
 year = {2017}
}

@misc{azarderakhsh2017supersingularweb,
 author = {Azarderakhsh, Reza and Koziel, Brian and Campagna, Matt and LaMacchia, Brian and Costello, Craig and Longa, Patrick and De Feo, Luca and Naehrig, Michael and Hess, Basil and Renes, Joost and others},
 title = {Supersingular isogeny key encapsulation (2017)},
 url = {http://sike.org},
 year = {2017}
}

@misc{azure2023confvm,
 organization = {Microsoft Azure},
 title = {{Azure confidential computing}},
 url = {https://learn.microsoft.com/azure/confidential-computing/},
 year = {2023}
}

@misc{azure_serverless_computing,
 author = {{Azure serverless computing}},
 url = {https://azure.microsoft.com/en-us/overview/serverless-computing/},
 year = {2019}
}

@misc{azurevtpm,
 author = {{Microsoft}},
 title = {{Support for generation 2 VMs (preview) on Azure}},
 url = {https://docs.microsoft.com/en-us/azure/virtual-machines/windows/generation-2},
 year = {2019}
}

@inproceedings{Backes2010,
 author = {Backes, Michael and D{\"u}rmuth, Markus and Gerling, Sebastian and Pinkal, Manfred and Sporleder, Caroline},
 booktitle = {{USENIX Security}},
 title = {{Acoustic Side-Channel Attacks on Printers.}},
 year = {2010}
}

@inproceedings{backes2014you,
 author = {Backes, Michael and Holz, Thorsten and Kollenda, Benjamin and Koppe, Philipp and N{\"u}rnberger, Stefan and Pewny, Jannik},
 booktitle = {CCS},
 title = {You can run but you can't read: Preventing disclosure exploits in executable code},
 year = {2014}
}

@article{bae2020flush,
 author = {Bae, Daehyeon and Hwang, Jongbae and Ha, Jaecheol},
 journal = {Journal of the Korea Institute of Information Security \& Cryptology},
 title = {Flush+ Reload Cache Side-Channel Attack on Block Cipher ARIA},
 year = {2020}
}

@article{Baer1995stride,
 author = {Baer, Jean-Loup and Chen, Tien-Fu},
 journal = {IEEE Transactions on Computers},
 month = {May},
 title = {Effective Hardware-Based Data Prefetching for High-Performance Processors},
 year = {1995}
}

@inproceedings{bahmani2021cure,
 author = {Raad Bahmani and Ferdinand Brasser and Ghada Dessouky and Patrick Jauernig and Matthias Klimmek and Ahmad-Reza Sadeghi and Emmanuel Stapf},
 booktitle = {USENIX Security Symposium (USENIX Security)},
 month = {August},
 title = {{CURE}: A Security Architecture with {CUstomizable} and Resilient Enclaves},
 year = {2021}
}

@misc{Bains2014row1,
 author = {Bains, K.S. and Halbert, J.B.},
 month = {June},
 note = {{US Patent App. 13/690,523}},
 publisher = {Google Patents},
 title = {Row hammer monitoring based on stored row hammer threshold value},
 url = {https://google.com/patents/US20140156923},
 year = {2014}
}

@misc{Bains2014row2,
 author = {Bains, K.S. and Halbert, J.B. and Mozak, C.P. and Schoenborn, T.Z. and Greenfield, Z.},
 month = {January},
 note = {{US Patent App. 13/539,415}},
 publisher = {Google Patents},
 title = {Row hammer refresh command},
 url = {https://google.com/patents/US20140006703},
 year = {2014}
}

@article{bajikar2002trusted,
 author = {Bajikar, Sundeep},
 journal = {Mobile Platforms Group Intel Corporation},
 pages = {20},
 title = {{Trusted Platform Module (TPM) based security on notebook pcs-white paper}},
 volume = {1},
 year = {2002}
}

@article{balakrishnan2005code,
 author = {Balakrishnan, Arini and Schulze, Chloe},
 journal = {CC},
 title = {Code obfuscation literature survey},
 year = {2005}
}

@article{Baldoni2018Survey,
 author = {Baldoni, Roberto and Coppa, Emilio and D’elia, Daniele Cono and Demetrescu, Camil and Finocchi, Irene},
 journal = {CSUR},
 title = {{A survey of symbolic execution techniques}},
 year = {2018}
}

@inproceedings{Balduzzi2012,
 author = {Balduzzi, Marco and Zaddach, Jonas and Balzarotti, Davide and Kirda, Engin and Loureiro, Sergio},
 booktitle = {Proceedings of the 27th ACM Symposium On Applied Computing, Security Track (SAC'12)},
 title = {{A Security Analysis of Amazon{$\textquoteright$}s Elastic Compute Cloud Service}},
 year = {2012}
}

@inproceedings{Ball2004,
 author = {Ball, Thomas and Cook, Byron and Levin, Vladimir and Rajamani, Sriram K},
 booktitle = {{International Conference on Integrated Formal Methods}},
 organization = {Springer},
 title = {{SLAM and Static Driver Verifier: Technology transfer of formal methods inside Microsoft}},
 year = {2004}
}

@article{Balliu2019,
 author = {Balliu, Musard and Dam, Mads and Guanciale, Roberto},
 journal = {arXiv:1911.00868},
 title = {{InSpectre: Breaking and Fixing Microarchitectural Vulnerabilities by Formal Analysis}},
 year = {2019}
}

@techreport{Bangert2013,
 author = {Bangert, Julian and Bratus, Sergey and Shapiro, Rebecca and Locasto, Michael E and Reeves, Jason and Smith, Sean W and Shubina, Anna},
 institution = {Dartmouth Technical Report TR2013-272},
 title = {{ELFbac: using the loader format for intent-level semantics and fine-grained protection}},
 year = {2013}
}

@article{bar2006sorcerer,
 author = {Bar-El, Hagai and Choukri, Hamid and Naccache, David and Tunstall, Michael and Whelan, Claire},
 journal = {Proceedings of the IEEE},
 title = {{The sorcerer's apprentice guide to fault attacks}},
 year = {2006}
}

@inproceedings{Barber2019,
 author = {Barber, Kristin and Bacha, Anys and Zhou, Li and Zhang, Yinqian and Teodorescu, Radu},
 booktitle = {Parallel Architectures and Compilation Techniques (PACT)},
 title = {Specshield: Shielding speculative data from microarchitectural covert channels},
 year = {2019}
}

@inproceedings{Barberis2022BHI,
 author = {Barberis, Enrico and Frigo, Pietro and Muench, Marius and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {USENIX Security},
 title = {Branch history injection: On the effectiveness of hardware mitigations against cross-privilege Spectre-v2 attacks},
 year = {2022}
}

@misc{Baresifter,
 author = {Stecklina, Julian},
 title = {{Baresifter: A bare-metal x86 instruction set fuzzer a la Sandsifter}},
 url = {https://github.com/blitz/baresifter},
 year = {2019}
}

@article{Barham2003,
 author = {Barham, Paul and Dragovic, Boris and Fraser, Keir and Hand, Steven and Harris, Tim and Ho, Alex and Neugebauer, Rolf and Pratt, Ian and Warfield, Andrew},
 journal = {ACM SIGOPS Operating Systems Review},
 number = {5},
 pages = {164--177},
 title = {{Xen and the Art of Virtualization}},
 volume = {37},
 year = {2003}
}

@inproceedings{Barker2012,
 author = {Barker, Sean and Wood, Timothy and Shenoy, Prashant and Sitaraman, Ramesh},
 booktitle = {Proceedings of the 2012 USENIX Annual Technical Conference (USENIX ATC'12)},
 title = {{An Empirical Study of Memory Sharing in Virtual Machines}},
 year = {2012}
}

@report{Barker2014,
 author = {Barker, Elaine and Chen, Lily and Moody, Dustin},
 month = {10},
 publisher = {National Institute of Standards and Technology ({NIST})},
 title = {Recommendation for Pair-Wise Key-Establishment Schemes Using Integer Factorization Cryptography},
 type = {techreport},
 year = {2014}
}

@report{Barker2015,
 author = {Barker, Elaine B. and Roginsky, Allen L.},
 month = {November},
 publisher = {National Institute of Standards and Technology ({NIST})},
 title = {Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths},
 type = {techreport},
 year = {2015}
}

@inproceedings{Barresi2015,
 author = {Antonio Barresi and Kaveh Razavi and Mathias Payer and Thomas R. Gross},
 booktitle = {{WOOT}},
 title = {{CAIN:} Silently Breaking {ASLR} in the Cloud},
 year = {2015}
}

@inproceedings{Barthe2011,
 author = {Barthe, Gilles and Betarte, Gustavo and Campo, Juan Diego and Luna, Carlos},
 booktitle = {Proceedings of the 17th international conference on Formal methods (FM'11)},
 pages = {231--245},
 title = {{Formally Verifying Isolation and Availability in an Idealized Model of Virtualization}},
 year = {2011}
}

@inproceedings{barthe2018secure,
 author = {{Barthe, Gilles and Gr{\'e}goire, Benjamin and Laporte, Vincent}},
 booktitle = {CSF},
 title = {Secure compilation of side-channel countermeasures: the case of cryptographic “constant-time”},
 year = {2018}
}

@inproceedings{Barthe2021Highassurance,
 author = {Barthe, Gilles and Cauligi, Sunjay and Gr{\'e}goire, Benjamin and Koutsos, Adrien and Liao, Kevin and Oliveira, Tiago and Priya, Swarn and Rezk, Tamara and Schwabe, Peter},
 booktitle = {S\&P},
 title = {High-assurance cryptography in the spectre era},
 year = {2021}
}

@misc{Bastille2016Mousejack,
 author = {{Bastille Research}},
 title = {{MouseJack}},
 url = {https://www.mousejack.com/},
 year = {2016}
}

@inproceedings{Bates2012,
 author = {Bates, Adam and Mood, Benjamin and Pletcher, Joe and Pruse, Hannah},
 booktitle = {CCSW'12},
 title = {{Detecting Co-Residency with Active Traffic Analysis Techniques}},
 year = {2012}
}

@inproceedings{Batson2001,
 author = {Batson, Brannon and Vijaykumar, TN},
 booktitle = {Proceedings 2001 International Conference on Parallel Architectures and Compilation Techniques},
 title = {Reactive-associative caches},
 year = {2001}
}

@article{bauer2016lest,
 author = {Bauer, Johannes and Gruhn, Michael and Freiling, Felix C},
 journal = {Digital Investigation},
 title = {Lest we forget: Cold-boot attacks on scrambled DDR3 memory},
 year = {2016}
}

@inproceedings{Bauer2021NoVT,
 author = {Markus Bauer and Christian Rossow},
 booktitle = {IEEE EuroS\&P},
 title = {{NoVT: Eliminating C++ Virtual Calls to Mitigate Vtable Hijacking}},
 year = {2021}
}

@inproceedings{Bauer2022Typro,
 author = {Markus Bauer and Ilya Grishchenko and Christian Rossow},
 booktitle = {ACSAC},
 title = {{TyPro: Forward CFI for C-Style Indirect Function Calls Using Type Propagation}},
 year = {2022}
}

@inproceedings{Bauer2024Switchpoline,
 author = {Markus Bauer and Lorenz Hetterich and Michael Schwarz and Christian Rossow},
 booktitle = {AsiaCCS},
 title = {{Switchpoline: A Software Mitigation for Spectre-BTB and Spectre-BHB on ARMv8}},
 year = {2024}
}

@inproceedings{Bauman2016,
 author = {Bauman, Erick and Lin, Zhiqiang},
 booktitle = {Workshop on System Software for Trusted Execution},
 title = {A case for protecting computer games with {SGX}},
 year = {2016}
}

@article{Baumann2015,
 author = {Baumann, Andrew and Peinado, Marcus and Hunt, Galen},
 journal = {ACM Transactions on Computer Systems},
 title = {Shielding applications from an untrusted cloud with haven},
 year = {2015}
}

@inproceedings{baumann2016disguised,
 author = {Baumann, Peter and Katzenbeisser, Stefan and Stopczynski, Martin and Tews, Erik},
 booktitle = {WPES},
 title = {{Disguised chromium browser: Robust browser, flash and canvas fingerprinting protection}},
 year = {2016}
}

@inproceedings{Bazhaniuk2015Symbolic,
 author = {Bazhaniuk, Oleksandr and Loucaides, John and Rosenbaum, Lee and Tuttle, Mark R and Zimmer, Vincent},
 booktitle = {WOOT},
 title = {Symbolic Execution for $\{$BIOS$\}$ Security},
 year = {2015}
}

@inproceedings{Bazrafshan2013,
 author = {Bazrafshan, Zahra and Hashemi, Hashem and Fard, Seyed Mehdi Hazrati and Hamzeh, Ali},
 booktitle = {The 5th Conference on Information and Knowledge Technology},
 month = {May},
 publisher = {Institute of Electrical and Electronics Engineers ({IEEE})},
 title = {A survey on heuristic malware detection techniques},
 year = {2013}
}

@article{Beamer2015GAP,
 author = {Beamer, Scott and Asanovic, Krste and Patterson, David A.},
 journal = {arXiv:1508.03619},
 title = {{The {GAP} Benchmark Suite}},
 year = {2015}
}

@inproceedings{Becchi2012,
 author = {Becchi, Michela and Sajjapongse, Kittisak and Graves, Ian and Procter, Adam and Ravi, Vignesh and Chakradhar, Srimat},
 booktitle = {Proceedings of the 21st international symposium on High-Performance Parallel and Distributed Computing (HPDC'12)},
 pages = {97},
 title = {{A virtual memory based runtime to support multi-tenancy in clusters with GPUs}},
 year = {2012}
}

@book{becker2012grobner,
 author = {Becker, Thomas and Weispfenning, Volker},
 publisher = {Springer Science \& Business Media},
 title = {{Gr{\"o}bner bases: a computational approach to commutative algebra}},
 year = {2012}
}

@misc{BehrensBugReport2019,
 author = {Behrens, Jonathan},
 title = {{Bug \#1820686 "risc-v: 'c.unimp' instruction decoded as 'c.addi4s'"}},
 url = {https://bugs.launchpad.net/qemu/+bug/1820686},
 year = {2019}
}

@article{Bekerman2000early,
 author = {Bekerman, Michael and Yoaz, Adi and Gabbay, Freddy and Jourdan, Stephan and Kalaev, Maxim and Ronen, Ronny},
 journal = {ACM SIGARCH Computer Architecture News},
 number = {2},
 title = {Early load address resolution via register tracking},
 volume = {28},
 year = {2000}
}

@inproceedings{bekrar2012taint,
 author = {Bekrar, Sofia and Bekrar, Chaouki and Groz, Roland and Mounier, Laurent},
 booktitle = {2012 IEEE Fifth International Conference on Software Testing, Verification and Validation},
 organization = {IEEE},
 pages = {818--825},
 title = {A taint based approach for smart fuzzing},
 year = {2012}
}

@inproceedings{bellard2005qemu,
 author = {Bellard, Fabrice},
 booktitle = {Usenix ATEC},
 title = {QEMU, a fast and portable dynamic translator},
 year = {2005}
}

@inproceedings{Ben-Yehuda2006,
 author = {Ben-Yehuda, Muli and Mason, Jon and Krieger, Orran and Xenidis, Jimi and Doorn, Leendert Van and Mallick, Asit and Nakajima, Jun and Wahlig, Elsie},
 booktitle = {The 2006 Ottawa Linux Symposium (OLS{$\textquoteright$}06)},
 pages = {71--86},
 title = {{Utilizing IOMMUs for Virtualization in Linux and Xen}},
 year = {2006}
}

@inproceedings{Ben-Yehuda2007,
 author = {Ben-Yehuda, Muli and Xenidis, Jimi and Ostrowski, Michal and Rister, Karl and Bruemmer, Alexis and Doorn, Leendert Van},
 booktitle = {The 2007 Ottawa Linux Symposium (OLS'07)},
 pages = {9--20},
 title = {{The Price of Safety: Evaluating IOMMU Performance}},
 year = {2007}
}

@inproceedings{ben2020efficient,
 author = {Ben Khadra, M Ammar and Stoffel, Dominik and Kunz, Wolfgang},
 booktitle = {FSE},
 title = {Efficient binary-level coverage analysis},
 year = {2020}
}

@inproceedings{Benamrane2020Constraint,
 author = {Benamrane, Amine and Benelallam, Imade and Bouyakhf, El Houssine},
 journal = {Journal of Ambient Intelligence and Humanized Computing},
 title = {Constraint programming based techniques for medical resources optimization: medical internships planning},
 year = {2020}
}

@article{bencsath2011duqu,
 author = {Bencs{\'a}th, Boldizs{\'a}r and P{\'e}k, G{\'a}bor and Butty{\'a}n, Levente and F{\'e}legyh{\'a}zi, M{\'a}rk},
 journal = {CrySyS Lab Technical Report},
 title = {Duqu: A Stuxnet-like malware found in the wild},
 year = {2011}
}

@inproceedings{Bencsath2012duqu,
 author = {Bencs{\'a}th, Boldizs{\'a}r and P{\'e}k, G{\'a}bor and Butty{\'a}n, Levente and F{\'e}legyh{\'a}zi, M{\'a}rk},
 booktitle = {{EuroSec}},
 title = {{Duqu: Analysis, detection, and lessons learned}},
 volume = {2012},
 year = {2012}
}

@inproceedings{bender2015declarative,
 author = {Bender, John and Lesani, Mohsen and Palsberg, Jens},
 booktitle = {ACM SIGPLAN Notices},
 number = {10},
 organization = {ACM},
 pages = {367--385},
 title = {Declarative fence insertion},
 volume = {50},
 year = {2015}
}

@inproceedings{Benedict2025Heracles,
 author = {Schlüter, Benedict and Wech, Christoph and Shinde, Shweta},
 booktitle = {CCS},
 title = {Heracles: Chosen Plaintext Attack on AMD SEV-SNP},
 year = {2025}
}

@inproceedings{Benger2014,
 author = {Benger, Naomi and van de Pol, Joop and Smart, Nigel P and Yarom, Yuval},
 booktitle = {CHES},
 title = {{Ooh Aah... Just a Little Bit: A small amount of side channel can go a long way}},
 year = {2014}
}

@inproceedings{bennett2021panopticon,
 author = {Bennett, Tanj and Saroiu, Stefan and Wolman, Alec and Cojocar, Lucian},
 booktitle = {Workshop on DRAM Security (DRAMSec)},
 title = {Panopticon: A complete in-dram rowhammer mitigation},
 year = {2021}
}

@misc{Bentkowski2017css,
 author = {{Michał Bentkowski}},
 title = {{Stealing Data in Great style - How to Use CSS to Attack Web Application.}},
 url = {https://research.securitum.com/stealing-data-in-great-style-how-to-use-css-to-attack-web-application/},
 year = {2017}
}

@article{Berger1961,
 author = {Berger, Jay M},
 journal = {Information and Control},
 number = {1},
 pages = {68--73},
 publisher = {Elsevier},
 title = {A note on error detection codes for asymmetric channels},
 volume = {4},
 year = {1961}
}

@inproceedings{Berger2006,
 author = {Berger, Stefan and Caceres, Ramon and Goldman, Kenneth A and Perez, Ronald and Sailer, Reiner and Doorn, Leendert Van},
 booktitle = {USENIX Security Symposium},
 title = {{vTPM: Virtualizing the Trusted Platform Module}},
 year = {2006}
}

@inproceedings{Berndt1994,
 author = {Berndt, Donald J. and Clifford, James},
 booktitle = {{Proceedings of the 3rd International Conference on Knowledge Discovery and Data Mining}},
 title = {{Using Dynamic Time Warping to Find Patterns in Time Series}},
 year = {1994}
}

@misc{Bernstein2005,
 author = {Bernstein, Daniel J.},
 institution = {Department of Mathematics, Statistics, and Computer Science, University of Illinois at Chicago},
 title = {{Cache-Timing Attacks on AES}},
 year = {2005}
}

@inproceedings{bernstein2008chacha,
 author = {Bernstein, Daniel J and others},
 booktitle = {Workshop record of SASC},
 title = {ChaCha, a variant of Salsa20},
 year = {2008}
}

@inproceedings{bernstein2013mcbits,
 author = {Bernstein, Daniel J and Chou, Tung and Schwabe, Peter},
 booktitle = {CHES},
 title = {{McBits: fast constant-time code-based cryptography}},
 year = {2013}
}

@misc{Bernstein2023Rvvbench,
 author = {Olaf Bernstein},
 title = {rvv-bench: RISC-V Vector benchmark},
 url = {https://github.com/camel-cdr/rvv-bench},
 year = {2023}
}

@inproceedings{BernsteinBGBHLV17,
 author = {Daniel J. Bernstein and
Joachim Breitner and
Daniel Genkin and
Groot Bruinderink, Leon and
Nadia Heninger and
Tanja Lange and
van Vredendaal, Christine and
Yuval Yarom},
 booktitle = {{CHES}},
 pages = {555--576},
 title = {Sliding Right into Disaster: Left-to-Right Sliding Windows Leak},
 year = {2017}
}

@misc{Berra2025IntroducingWEBCAT,
 author = {Giulio Berra},
 title = {{Introducing WEBCAT: Web-based Code Assurance and Transparency}},
 url = {https://securedrop.org/news/introducing-webcat-web-based-code-assurance-and-transparency/},
 year = {2025}
}

@misc{Berra2025WEBCAT,
 author = {Giulio Berra},
 howpublished = {Cryptology {ePrint} Archive, Paper 2025/797},
 title = {{WEBCAT}: Web-based Code Assurance and Transparency},
 url = {https://eprint.iacr.org/2025/797},
 year = {2025}
}

@article{Berry1973,
 author = {Berry, DM and Chirica, L and Johnston, JB and Martin, DF and Sorkin, A},
 journal = {ACM Sigplan Notices},
 number = {11},
 pages = {165--178},
 title = {{On the time required for retention}},
 volume = {8},
 year = {1973}
}

@article{Bertoni2005,
 author = {Bertoni, Guido and Zaccaria, Vittorio and Breveglieri, Luca and Monchiero, Matteo and Palermo, Gianluca},
 journal = {Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05)},
 publisher = {Ieee},
 title = {{AES power attack based on induced cache miss and countermeasure}},
 year = {2005}
}

@inproceedings{Berzati2008,
 author = {Berzati, Alexandre and Canovas, C{\'e}cile and Goubin, Louis},
 booktitle = {Cryptographic Hardware and Embedded Systems -- CHES 2008},
 title = {Perturbating RSA Public Keys: An Improved Attack},
 year = {2008}
}

@article{Betz2016survey,
 author = {Betz, Johann and Westhoff, Dirk and M{\"u}ller, G{\"u}nter},
 journal = {Transactions on Emerging Telecommunications Technologies},
 title = {Survey on covert channels in virtual machines and cloud computing},
 year = {2016}
}

@inproceedings{Bhattacharya2012,
 author = {Bhattacharya, Sarani and Rebeiro, Chester and Mukhopadhyay, Debdeep},
 booktitle = {MICRO},
 title = {{Hardware prefetchers leak: A revisit of SVF for cache-timing attacks}},
 year = {2012}
}

@article{Bhattacharya2015,
 author = {Sarani Bhattacharya and Debdeep Mukhopadhyay},
 journal = {Cryptology ePrint Archive, Report 2015/621},
 title = {{Who watches the watchmen?: Utilizing Performance Monitors for Compromising keys of RSA on Intel Platforms}},
 year = {2015}
}

@inproceedings{Bhattacharya2016,
 author = {Bhattacharya, Sarani and Mukhopadhyay, Debdeep},
 booktitle = {{CHES}},
 title = {{Curious Case of Rowhammer: Flipping Secret Exponent Bits Using Timing Analysis}},
 year = {2016}
}

@article{Bhattacharya2017perf,
 author = {Bhattacharya, Sarani and Maurice, Cl\'e\-men\-ti\-ne and Bhasin, Shivam and Mukhopadhyay, Debdeep},
 journal = {Cryptology ePrint Archive, Report 2017/968},
 title = {{Template Attack on Blinded Scalar Multiplication with Asynchronous perf-ioctl Calls}},
 year = {2017}
}

@inproceedings{Bhattacharyya2019smotherspectre,
 author = {Bhattacharyya, Atri and Sandulescu, Alexandra and Neugschwandtner, Matthias and Sorniotti, Alessandro and Falsafi, Babak and Payer, Mathias and Kurmus, Anil},
 booktitle = {CCS},
 title = {{SMoTherSpectre: exploiting speculative execution through port contention}},
 year = {2019}
}

@inproceedings{Bhattacharyya2020secrop,
 address = {San Sebastian},
 author = {Atri Bhattacharyya and Andr{\'e}s S{\'a}nchez and Esmaeil M. Koruyeh and Nael Abu-Ghazaleh and Chengyu Song and Mathias Payer},
 booktitle = {RAID},
 title = {SpecROP: Speculative Exploitation of {ROP} Chains},
 year = {2020}
}

@inproceedings{Bianchi2015,
 author = {Bianchi, Antonio and Corbetta, Jacopo and Invernizzi, Luca and Fratantonio, Yanick and Kruegel, Christopher and Vigna, Giovanni},
 booktitle = {{S\&P}},
 title = {{What the app is that? deception and countermeasures in the android user interface}},
 year = {2015}
}

@inproceedings{Bichhawat2017,
 author = {Bichhawat, Abhishek and Rajani, Vineet and Jain, Jinank and Garg, Deepak and Hammer, Christian},
 booktitle = {ESORICS'17},
 title = {WebPol: Fine-grained Information Flow Policies for Web Browsers},
 year = {2017}
}

@phdthesis{Bienia2011benchmarking,
 author = {Christian Bienia},
 institution = {Princeton University},
 month = {January},
 title = {Benchmarking Modern Multiprocessors},
 year = {2011}
}

@inproceedings{Bierbaumer2018Smashing,
 author = {Bierbaumer, Bruno and Kirsch, Julian and Kittel, Thomas and Francillon, Aur{\'e}lien and Zarras, Apostolis},
 booktitle = {ICT Systems Security and Privacy Protection},
 title = {{Smashing the Stack Protector for Fun and Profit}},
 year = {2018}
}

@misc{bigint_v8,
 author = {{v8 developer blog}},
 url = {https://v8.dev/blog/bigint},
 year = {2018}
}

@inproceedings{Biham1997DES,
 author = {Biham, Eli},
 booktitle = {International Workshop on Fast Software Encryption},
 title = {A fast new DES implementation in software},
 year = {1997}
}

@inproceedings{Biham1997DFA,
 author = {Eli Biham and
Adi Shamir},
 booktitle = {CRYPTO},
 title = {Differential Fault Analysis of Secret Key Cryptosystems},
 year = {1997}
}

@article{Binkert2011gem5,
 author = {Binkert, Nathan and Beckmann, Bradford and Black, Gabriel and Reinhardt, Steven K and Saidi, Ali and Basu, Arkaprava and Hestness, Joel and Hower, Derek R and Krishna, Tushar and Sardashti, Somayeh and others},
 journal = {ACM SIGARCH computer architecture news},
 title = {The gem5 simulator},
 year = {2011}
}

@article{Bishop1996race,
 author = {Bishop, Matt and Dilger, Michael and others},
 journal = {Computing systems},
 number = {2},
 title = {{Checking for race conditions in file accesses}},
 volume = {2},
 year = {1996}
}

@article{Biswas2017survey,
 author = {Biswas, Arnab Kumar and Ghosal, Dipak and Nagaraja, Shishir},
 journal = {ACM Computing Surveys (CSUR)},
 title = {A survey of timing channels and countermeasures},
 year = {2017}
}

@misc{bitbucket,
 author = {Atlassian},
 title = {Bitbucket},
 url = {https://bitbucket.org},
 year = {2018}
}

@misc{Bitpay2016,
 key = {Bitpay2016},
 no-url = {https://blog.bitpay.com/intel-and-bitpay/},
 organization = {Bitpay},
 title = {The New Intel® and BitPay Integration},
 year = {2016}
}

@inproceedings{Bittau2014,
 author = {Bittau, Andrea and Belay, Adam and Mashtizadeh, Ali and Mazi{\`e}res, David and Boneh, Dan},
 booktitle = {S\&P},
 title = {Hacking blind},
 year = {2014}
}

@misc{Black2010,
 author = {Black, Nick and Rodzik, Jason},
 title = {{My other computer is your GPU: System-Centric CUDA Threat Modeling with CUBAR}},
 year = {2010}
}

@inproceedings{blackburn2006dacapo,
 author = {Blackburn, Stephen M and Garner, Robin and Hoffmann, Chris and Khang, Asjad M and McKinley, Kathryn S and Bentzur, Rotem and Diwan, Amer and Feinberg, Daniel and Frampton, Daniel and Guyer, Samuel Z and others},
 booktitle = {{ACM Sigplan Notices}},
 title = {{The DaCapo benchmarks: Java benchmarking development and analysis}},
 year = {2006}
}

@inproceedings{Blanchou2013,
 author = {Marc Blanchou},
 booktitle = {{Black Hat Briefings}},
 title = {{Shattering Illusions in Lock-Free Worlds -- Compiler and Hardware behaviors in OSes and VMs}},
 year = {2013}
}

@inproceedings{Blazytko2019grimoire,
 author = {Blazytko, Tim and Aschermann, Cornelius and Schlögel, Moritz and Abbasi, Ali and Schumilo, Sergej and Wörner, Simon and Holz, Thorsten},
 booktitle = {USENIX Security Symposium},
 title = {{GRIMOIRE}: Synthesizing Structure while Fuzzing},
 year = {2019}
}

@article{bleichenbacher2005experiments,
 author = {Bleichenbacher, Daniel},
 journal = {CRYPTO 2005--Rump Session},
 title = {Experiments with DSA},
 year = {2005}
}

@inproceedings{Bleikertz2011a,
 author = {Bleikertz, S\"{o}ren and Gro\ss{}, Thomas and Schunter, Matthias and Eriksson, Konrad},
 booktitle = {ESORICS'11},
 pages = {392--415},
 title = {{Automated Information Flow Analysis of Virtualized Infrastructures}},
 year = {2011}
}

@inproceedings{Bleikertz2011verification,
 author = {Bleikertz, S\"{o}ren and Gro\ss{}, Thomas and M\"{o}dersheim, Sebastian},
 booktitle = {CCSW'11},
 pages = {47--58},
 title = {{Automated Verification of Virtualized Infrastructures}},
 year = {2011}
}

@inproceedings{Blem2013,
 author = {Blem, Emily and Menon, Jaikrishnan and Sankaralingam, Karthikeyan},
 booktitle = {HPCA},
 title = {{Power struggles: Revisiting the RISC vs. CISC debate on contemporary ARM and x86 architectures}},
 year = {2013}
}

@inproceedings{Bletsch2011JOP,
 author = {Tyler K. Bletsch and Xuxian Jiang and Vincent W. Freeh and Zhenkai Liang},
 booktitle = {{AsiaCCS}},
 title = {{Jump-oriented programming: a new class of code-reuse attack}},
 year = {2011}
}

@inproceedings{Bletsch2011mitigating,
 author = {Bletsch, Tyler and Jiang, Xuxian and Freeh, Vince},
 booktitle = {{ACM ACSAC}},
 title = {{Mitigating code-reuse attacks with control-flow locking}},
 year = {2011}
}

@misc{blink2023blink,
 author = {blink(1)},
 title = {blink(1) - the USB RGB LED notification light},
 url = {https://blink1.thingm.com/},
 year = {2023}
}

@inproceedings{Bloem2019,
 author = {Bloem, Roderick and Jacobs, Swen and Vizel, Yakir},
 booktitle = {Symposium on Automated Technology for Verification and Analysis},
 title = {{Efficient Information-Flow Verification Under Speculative Execution}},
 year = {2019}
}

@inproceedings{Blomer2003,
 author = {Bl\"{o}mer, Johannes and May, Alexander},
 booktitle = {Crypto'03},
 title = {{New Partial Key Exposure Attacks on RSA}},
 year = {2003}
}

@inproceedings{Blomer2007,
 author = {Bl\"{o}mer, Johannes and Krummel, Volker},
 booktitle = {Proceedings of the 14th international conference on Selected areas in cryptography (SAC'07)},
 pages = {96--109},
 title = {{Analysis of countermeasures against access driven cache attacks on AES}},
 year = {2007}
}

@inproceedings{Boda2011fingerprint,
 author = {Boda, K{\'a}roly and F{\"o}ldes, {\'A}d{\'a}m M{\'a}t{\'e} and Guly{\'a}s, G{\'a}bor Gy{\"o}rgy and Imre, S{\'a}ndor},
 booktitle = {{Nordic Conference on Secure IT Systems}},
 title = {{User tracking on the web via cross-browser fingerprinting}},
 year = {2011}
}

@inproceedings{Bogdanov2010,
 author = {Andrey Bogdanov and Thomas Eisenbarth and Christof Paar and Malte Wienecke},
 booktitle = {{CT-RSA}},
 pages = {235--251},
 title = {Differential Cache-Collision Timing Attacks on {AES} with Applications to Embedded CPUs},
 year = {2010}
}

@misc{Boggs2019memory,
 author = {Boggs, Darrell D and Segelken, Ross and Cornaby, Mike and Fortino, Nick and Chaudhry, Shailender and Khartikov, Denis and Mooley, Alok and Tuck, Nathan and Vreugdenhil, Gordon},
 note = {US Patent App. 16/022,274},
 publisher = {Google Patents},
 title = {{Memory type which is cacheable yet inaccessible by speculative instructions}},
 year = {2019}
}

@inproceedings{bognar2023proteus,
 author = {Bognar, Marton and Noorman, Job and Piessens, Frank},
 booktitle = {RISC-V Summit Europe},
 title = {Proteus: An Extensible RISC-V Core for Hardware Extensions},
 year = {2023}
}

@inproceedings{bolcskei2025encarsia,
 author = {B{\"o}lcskei, Matej and Solt, Flavien and Ceesay-Seitz, Katharina and Razavi, Kaveh},
 booktitle = {USENIX Security},
 title = {Encarsia: Evaluating CPU Fuzzers via Automatic Bug Injection},
 year = {2025}
}

@misc{Boldin2018MeltdownUncached,
 author = {Boldin, Pavel},
 month = {Jan},
 title = {Meltdown Reading Other process's memory},
 url = {https://www.youtube.com/watch?v=EMBGXswJC4s},
 year = {2018}
}

@inproceedings{Boneh1997,
 author = {Dan Boneh and
Richard A. DeMillo and
Richard J. Lipton},
 booktitle = {{EUROCRYPT}},
 title = {{On the Importance of Checking Cryptographic Protocols for Faults}},
 year = {1997}
}

@inproceedings{Boneh1998,
 author = {Boneh, Dan and Durfee, Glenn and Frankel, Yair},
 booktitle = {International Conference on the Theory and Application of Cryptology and Information Security},
 title = {{An Attack on RSA Given a Small Fraction of the Private Key Bits}},
 year = {1998}
}

@article{boneh2001importance,
 author = {Boneh, Dan and DeMillo, Richard A and Lipton, Richard J},
 booktitle = {Journal of cryptology},
 title = {{On the importance of eliminating errors in cryptographic computations}},
 year = {2001}
}

@inproceedings{boneh2001modular,
 author = {Boneh, Dan and Halevi, Shai and Howgrave-Graham, Nick},
 booktitle = {International Conference on the Theory and Application of Cryptology and Information Security},
 organization = {Springer},
 pages = {36--51},
 title = {{The modular inversion hidden number problem}},
 year = {2001}
}

@inproceedings{Bonneau2006,
 author = {Bonneau, Joseph and Mironov, Ilya},
 booktitle = {CHES},
 title = {{Cache-collision timing attacks against AES}},
 year = {2006}
}

@inproceedings{Bonneau2010,
 author = {Bonneau, Joseph and Preibusch, S{\"o}ren},
 booktitle = {{The 9th Workshop on the Economics of Information Security}},
 title = {{The Password Thicket: Technical and Market Failures in Human Authentication on the Web.}},
 year = {2010}
}

@misc{Booth2015,
 author = {Booth, Jo Malcolm},
 howpublished = {Bachelor Thesis, Harvard School of Engineering and Applied Sciences},
 title = {{Not So Incognito: Exploiting Resource-Based Side Channels in JavaScript Engines}},
 year = {2015}
}

@inproceedings{Borrello2019rop,
 author = {Borrello, Pietro and Coppa, Emilio and D’Elia, Daniele Cono and Demetrescu, Camil},
 booktitle = {ACM Symposium on Applied Computing (SAC)},
 title = {The ROP Needle: Hiding Trigger-based Injection Vectors via Code Reuse},
 year = {2019}
}

@inproceedings{borrello2021constantine,
 author = {Borrello, Pietro and D'Elia, Daniele Cono and Querzoni, Leonardo and Giuffrida, Cristiano},
 booktitle = {SIGSAC},
 title = {Constantine: Automatic side-channel resistance using efficient control and data flow linearization},
 year = {2021}
}

@inproceedings{Borrello2022AEPIC,
 author = {Pietro Borrello and Andreas Kogler and Martin Schwarzl and Moritz Lipp and Daniel Gruss and Michael Schwarz},
 booktitle = {{USENIX Security}},
 title = {{ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture}},
 year = {2022}
}

@inproceedings{Borrello2023CustomProcessingUnit,
 author = {Pietro Borrello and Catherine Easdon and Martin Schwarzl and Roland Czerny and Michael Schwarz},
 booktitle = {WOOT},
 title = {{CustomProcessingUnit: Reverse Engineering and Customization of Intel Microcode}},
 year = {2023}
}

@inproceedings{Bortz2007,
 author = {Bortz, Andrew and Boneh, Dan},
 booktitle = {{WWW}},
 title = {{Exposing private information by timing web applications}},
 year = {2007}
}

@inproceedings{Bosman2014SROP,
 author = {Erik Bosman and
Herbert Bos},
 booktitle = {{S\&P}},
 title = {Framing Signals - {A} Return to Portable Shellcode},
 year = {2014}
}

@inproceedings{Bosman2016,
 author = {Bosman, Erik and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {S\&P},
 title = {{Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector}},
 year = {2016}
}

@misc{Bosman2018Bingo,
 author = {Erik Bosman},
 url = {https://twitter.com/brainsmoke/status/948561799875502080},
 year = {2018}
}

@misc{Botezatu2019lfb,
 author = {Botezatu, Bogdan and Lutas, Andrei and Lutas, Dan},
 title = {{Kernel address space layout randomization}},
 url = {https://labs.bitdefender.com/2019/05/yet-another-meltdown-a-microarchitectural-fill-buffer-data-sampling-vulnerability/},
 year = {2019}
}

@inproceedings{Bourgeat2019,
 author = {Bourgeat, Thomas and Lebedev, Ilia and Wright, Andrew and Zhang, Sizhuo and Devadas, Srinivas},
 booktitle = {MICRO},
 title = {{MI6: Secure enclaves in a speculative out-of-order processor}},
 year = {2019}
}

@book{Bovet2005,
 author = {Bovet, Daniel P and Cesati, Marco},
 publisher = {O'Reilly Media, Inc.},
 title = {{Understanding the Linux Kernel}},
 year = {2005}
}

@misc{Bovet2013elf,
 author = {Bovet, Daniel Pierre},
 month = {January},
 title = {{Special sections in Linux binaries}},
 url = {https://lwn.net/Articles/531148/},
 year = {2013}
}

@book{Bowman2015,
 author = {Bowman, Courtney and Gesher, Ari and Grant, John and Slate, Daniel},
 publisher = {O'Reilly},
 title = {{The Architecture of Privacy: On Engineering Technologies That Can Deliver Trustworthy Safeguards}},
 year = {2015}
}

@inproceedings{braden2016leakage,
 author = {Braden, Kjell and Davi, Lucas and Liebchen, Christopher and Sadeghi, Ahmad-Reza and Crane, Stephen and Franz, Michael and Larsen, Per},
 booktitle = {NDSS},
 title = {Leakage-Resilient Layout Randomization for Mobile Devices.},
 volume = {16},
 year = {2016}
}

@inproceedings{Brahmakshatriya2019confllvm,
 author = {Brahmakshatriya, Ajay and Kedia, Piyus and McKee, Derrick P and Garg, Deepak and Lal, Akash and Rastogi, Aseem and Nemati, Hamed and Panda, Anmol and Bhatu, Pratik},
 booktitle = {EuroSys},
 title = {ConfLLVM: A compiler for enforcing data confidentiality in low-level code},
 year = {2019}
}

@misc{Branco2019randpoline,
 author = {Branco, Rodrigo and Hu, Kekai and Sun, Ke and Kawakami, Henrique},
 note = {US Patent App. 16/023,564},
 title = {Efficient mitigation of side-channel based attacks against speculative execution processing architectures},
 year = {2019}
}

@techreport{Brandao2019Towards,
 author = {Brand{\~a}o, Lu{\'\i}s TAN and Davidson, Michael and Vassilev, Apostol},
 institution = {National Institute of Standards and Technology},
 title = {{Towards NIST Standards for Threshold Schemes for Cryptographic Primitives: A Preliminary Roadmap}},
 year = {2019}
}

@misc{Brandom2018,
 author = {Russell Brandom},
 publisher = {Wired},
 title = {{Keeping Spectre Secret}},
 url = {https://www.theverge.com/2018/1/11/16878670/meltdown-spectre-disclosure-embargo-google-microsoft-linux},
 year = {2018}
}

@article{Brandt2013Constraint,
 author = {Brandt, Felix and Bauer, Reinhard and V{\"o}lker, Markus and Cardeneo, Andreas},
 journal = {Journal of Scheduling},
 title = {A constraint programming-based approach to a large-scale energy management problem with varied constraints: A solution approach to the ROADEF/EURO Challenge 2010},
 year = {2013}
}

@inproceedings{Brasser2017catt,
 author = {Ferdinand Brasser and Lucas Davi and David Gens and Christopher Liebchen and Ahmad-Reza Sadeghi},
 booktitle = {USENIX Security Symposium},
 title = {{CAn't} Touch This: Software-only Mitigation against {Rowhammer} Attacks targeting Kernel Memory},
 year = {2017}
}

@inproceedings{Brasser2017sgx,
 author = {Brasser, Ferdinand and M{\"u}ller, Urs and Dmitrienko, Alexandra and Kostiainen, Kari and Capkun, Srdjan and Sadeghi, Ahmad-Reza},
 booktitle = {{WOOT}},
 title = {{Software Grand Exposure: SGX Cache Attacks Are Practical}},
 year = {2017}
}

@inproceedings{brasser2019dr,
 author = {Brasser, Ferdinand and Capkun, Srdjan and Dmitrienko, Alexandra and Frassetto, Tommaso and Kostiainen, Kari and Sadeghi, Ahmad-Reza},
 booktitle = {Annual Computer Security Applications Conference {(ACSAC)}},
 title = {DR. {SGX:} Automated and Adjustable Side-Channel Protection for {SGX} Using Data Location Randomization},
 year = {2019}
}

@article{Braun2015,
 author = {Braun, Benjamin A. and Jana, Suman and Boneh, Dan},
 journal = {arXiv:1506.00189},
 title = {{Robust and Efficient Elimination of Cache and Timing Side Channels}},
 year = {2015}
}

@misc{Brave2022fonts,
 author = {Brave Software},
 title = {{Protecting against browser-language fingerprinting
}},
 url = {{https://brave.com/privacy-updates/17-language-fingerprinting/}},
 year = {2022}
}

@misc{Bray1990color,
 author = {Bray, Brian K. and Lunch, William L. and Flynn, Michael J.},
 title = {{Page allocation to reduce access time of physical caches}},
 url = {http://i.stanford.edu/pub/cstr/reports/csl/tr/90/454/CSL-TR-90-454.pdf},
 year = {1990}
}

@book{brayton1984espresso,
 author = {Brayton, Robert K and Hachtel, Gary D and McMullen, Curt and Sangiovanni-Vincentelli, Alberto},
 publisher = {Springer Science \& Business Media},
 title = {Logic minimization algorithms for VLSI synthesis},
 year = {1984}
}

@article{Brayton1987MIS,
 author = {Brayton, R.K. and Rudell, R. and Sangiovanni-Vincentelli, A. and Wang, A.R.},
 journal = {IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems},
 title = {MIS: A Multiple-Level Logic Optimization System},
 year = {1987}
}

@article{Brayton1990Mult,
 author = {Brayton, R.K. and Hachtel, G.D. and Sangiovanni-Vincentelli, A.L.},
 journal = {Proceedings of the IEEE},
 title = {Multilevel logic synthesis},
 year = {1990}
}

@article{Breiman1996bagging,
 author = {Breiman, Leo},
 journal = {Machine Learning},
 month = {August},
 title = {Bagging Predictors},
 year = {1996}
}

@article{Breiman2001random,
 author = {Breiman, Leo},
 journal = {Machine learning},
 title = {Random forests},
 year = {2001}
}

@inproceedings{Brenner2017SGX,
 author = {Brenner, Stefan and Hundt, Tobias and Mazzeo, Giovanni and Kapitza, R{\"u}diger},
 booktitle = {IFIP International Conference on Distributed Applications and Interoperable Systems},
 title = {Secure Cloud Micro Services Using {Intel SGX}},
 year = {2017}
}

@inproceedings{Bress2013,
 author = {Bre\ss{}, Sebastian and Kiltz, Stefan and Sch\"{a}ler, Martin},
 booktitle = {Proceedings of the 1st Workshop on Databases in Biometrics, Forensics and Security Applications},
 pages = {115--129},
 title = {{Forensics on GPU Coprocessing in Databases -- Research Challenges, First Experiments, and Countermeasures}},
 year = {2013}
}

@inproceedings{Brickell2004,
 author = {Brickell, Ernie and Camenisch, Jan and Chen, Liqun},
 booktitle = {CCS'04},
 title = {{Direct Anonymous Attestation}},
 year = {2004}
}

@article{Brickell2006,
 author = {Brickell, Ernie and Graunke, Gary and Neve, Michael and Seifert, Jean-Pierre},
 journal = {Cryptology ePrint Archive, Report 2006/052},
 title = {{Software mitigations to hedge AES against cache-based software side channel vulnerabilities}},
 year = {2006}
}

@misc{Brickell2011,
 author = {Brickell, Ernie},
 howpublished = {CHES},
 title = {{Technologies to Improve Platform Security}},
 year = {2011}
}

@inproceedings{Brier2004correlation,
 author = {Brier, Eric and Clavier, Christophe and Olivier, Francis},
 booktitle = {CHES},
 title = {{Correlation Power Analysis with a Leakage Model}},
 year = {2004}
}

@inproceedings{Brier2006,
 author = {Brier, Eric and Chevallier-Mames, Beno{\^i}t and Ciet, Mathieu and Clavier, Christophe},
 booktitle = {CHES},
 title = {Why One Should Also Secure RSA Public Key Elements},
 year = {2006}
}

@inproceedings{Briongos2018CacheShield,
 author = {Briongos, Samira and Irazoqui, Gorka and Malag\'{o}n, Pedro and Eisenbarth, Thomas},
 booktitle = {CODASPY},
 title = {CacheShield: Detecting Cache Attacks through Self-Observation},
 year = {2018}
}

@inproceedings{Briongos2020reload,
 author = {Briongos, Samira and Malag{\'o}n, Pedro and Moya, Jos{\'e} M and Eisenbarth, Thomas},
 booktitle = {{USENIX Security}},
 title = {{RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks}},
 year = {2020}
}

@article{brookes2022exoshim,
 author = {Brookes, Scott and Denz, Robert and Osterloh, Martin and Taylor, Stephen},
 journal = {International Journal of Information and Computer Security},
 title = {Exoshim: Preventing memory disclosure using execute-only kernel code},
 year = {2022}
}

@misc{brookwood2018epic,
 author = {Nathan Brookwood},
 organization = {Insight 64},
 title = {{EPYC: A Study in Energy Efficient CPU Design}},
 url = {https://www.amd.com/system/files/documents/The-Energy-Efficient-AMD-EPYC-Design.pdf},
 year = {2018}
}

@misc{Brotchie2024csstracking,
 author = {Oliver Brotchie},
 title = {{CSS Fingerprint}},
 url = {{https://csstracking.dev/}},
 year = {2024}
}

@inproceedings{Brown2008,
 author = {Brown, Garrett and Howe, Travis and Ihbe, Micheal and Prakash, Atul and Borders, Kevin},
 booktitle = {{ACM conference on Computer supported cooperative work}},
 title = {{Social networks and context-aware spam}},
 year = {2008}
}

@inproceedings{Brown2011,
 author = {Brown, Andrew and Chase, S. Jeffrey},
 booktitle = {CCSW'11},
 pages = {15--20},
 title = {{Trusted Platform-as-a-Service: A Foundation for Trustworthy Cloud-Hosted Applications}},
 year = {2011}
}

@misc{Browsercompat2024github,
 author = {MDN on Github},
 title = {{@mdn/browser-compat-data}},
 url = {{https://github.com/mdn/browser-compat-data}},
 year = {2023}
}

@article{Bruijn1946combinatorial,
 author = {De Bruijn, Nicolaas Govert},
 journal = {Proceedings of the Section of Sciences of the Koninklijke Nederlandse Akademie van Wetenschappen te Amsterdam},
 number = {7},
 title = {A combinatorial problem},
 volume = {49},
 year = {1946}
}

@inproceedings{Bruinderink2016,
 author = {Groot Bruinderink, Leon and Hülsing, Andreas and Lange, Tanja and Yarom, Yuval},
 booktitle = {CHES},
 title = {{Flush, Gauss, and Reload – A Cache Attack on the BLISS Lattice-Based Signature Scheme}},
 year = {2016}
}

@inproceedings{Brumley2003Remote,
 author = {David Brumley and Dan Boneh},
 booktitle = {{USENIX Security}},
 title = {{Remote Timing Attacks Are Practical}},
 year = {2003}
}

@article{Brumley2005remote,
 author = {Brumley, David and Boneh, Dan},
 journal = {Computer Networks},
 title = {{Remote timing attacks are practical}},
 year = {2005}
}

@incollection{Brumley2008automatically,
 author = {Brumley, David and Hartwig, Cody and Liang, Zhenkai and Newsome, James and Song, Dawn and Yin, Heng},
 booktitle = {{Botnet Detection}},
 publisher = {Springer},
 title = {{Automatically identifying trigger-based behavior in malware}},
 year = {2008}
}

@inproceedings{Brumley2009,
 author = {Brumley, Billy and Hakala, Risto},
 booktitle = {AsiaCrypt},
 title = {{Cache-Timing Template Attacks}},
 year = {2009}
}

@inproceedings{brumley2011remote,
 author = {Brumley, Billy Bob and Tuveri, Nicola},
 booktitle = {ESORICS},
 title = {Remote timing attacks are still practical},
 year = {2011}
}

@misc{Brumley2018cve,
 author = {{Billy Brumley}},
 title = {{CVE-2018-5407: new side-channel vulnerability on SMT/Hyper-Threading architectures}},
 url = {https://seclists.org/oss-sec/2018/q4/123},
 year = {2018}
}

@misc{Bruno2013technet,
 author = {Luigi Bruno},
 month = {February},
 title = {What page replacement algorithms does the windows 7 OS uses?},
 url = {https://social.technet.microsoft.com/Forums/ie/en-US/e61aef24-38fd-4e7e-a4c1-a50aa226818c},
 year = {2013}
}

@misc{Bryant2017,
 author = {Bryant, Matthew},
 title = {{The .io Error – Taking Control of All .io Domains With a Targeted Registration}},
 url = {https://thehackerblog.com/the-io-error-taking-control-of-all-io-domains-with-a-targeted-registration/},
 year = {2017}
}

@misc{Bsd2023ctmemcmp,
 author = {FreeBSD Manual Pages},
 title = {{consttime\_memequal  -- compare byte strings for equality without timing leaks}},
 url = {{https://man.freebsd.org/cgi/man.cgi?query=consttime_memequal&manpath=NetBSD+8.0}},
 year = {2023}
}

@misc{BSISidechannels1,
 author = {{Federal Office for Information Security}},
 title = {Minimum Requirements of Evaluating Side-Channel Attack Resistance of RSA, DSA, and Diffie-Hellman Key Exchange Implementations},
 url = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_46_BSI_guidelines_SCA_RSA_V1_0_e_pdf.pdf},
 year = {2013}
}

@misc{BSISidechannels2,
 author = {{Federal Office for Information Security}},
 title = {Minimum Requirements of Evaluating Side-Channel Attack Resistance of Elliptic Curve Implementations},
 url = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_46_ECCGuide_e_pdf.pdf},
 year = {2016}
}

@inproceedings{bualucea2023software,
 author = {B{\u{a}}lucea, Ruxandra and Irofti, Paul},
 booktitle = {SECITC},
 title = {Software mitigation of risc-v spectre attacks},
 year = {2023}
}

@article{buchberger1965algorithmus,
 author = {Buchberger, Bruno},
 journal = {Universitat Innsbruck, Austria, Ph. D. Thesis},
 title = {{Ein Algorithmus zum Auffinden der Basiselemente des Restklassenrings nach einem nulldimensionalen Polynomideal}},
 year = {1965}
}

@inproceedings{Buchfuhrer2008minimize,
 author = {David Buchfuhrer and Christopher Umans},
 series = {Lecture Notes in Computer Science},
 title = {{The Complexity of Boolean Formula Minimization}},
 year = {2008}
}

@article{buck2000api,
 author = {Buck, Bryan and Hollingsworth, Jeffrey K},
 journal = {The International Journal of High Performance Computing Applications},
 number = {4},
 pages = {317--329},
 publisher = {Sage Publications Sage CA: Thousand Oaks, CA},
 title = {An API for runtime code patching},
 volume = {14},
 year = {2000}
}

@article{bugnion1996compiler,
 author = {Bugnion, Edouard and Anderson, Jennifer M and Mowry, Todd C and Rosenblum, Mendel and Lam, Monica S},
 journal = {ACM SIGPLAN Notices},
 title = {Compiler-directed page coloring for multiprocessors},
 year = {1996}
}

@misc{Bugzilla2010gill,
 author = {BugZilla},
 title = {{Gill Sans font displays incorrectly when using DirectWrite / Direct2D}},
 url = {{https://bugzilla.mozilla.org/show_bug.cgi?id=551313}},
 year = {2010}
}

@inproceedings{Buhren2019insecure,
 author = {Buhren, Robert and Werling, Christian and Seifert, Jean-Pierre},
 booktitle = {CCS},
 title = {Insecure Until Proven Updated: Analyzing AMD SEV's Remote Attestation},
 year = {2019}
}

@inproceedings{Buhren2021glitch,
 author = {Buhren, Robert and Jacob, Hans-Niklas and Krachenfels, Thilo and Seifert, Jean-Pierre},
 booktitle = {CCS},
 title = {One glitch to rule them all: Fault injection attacks against AMD's secure encrypted virtualization},
 year = {2021}
}

@inproceedings{bulpin2004multiprogramming,
 author = {Bulpin, James R and Pratt, Ian A},
 booktitle = {Second Annual Workshop on Duplicating, Deconstruction and Debunking (WDDD)},
 title = {{M}ultiprogramming performance of the {P}entium 4 with {Hyper-Threading}},
 year = {2004}
}

@article{Bulygin2008cpu,
 author = {Bulygin, Yuriy},
 journal = {ToorCon},
 title = {{Cpu side-channels vs. virtualization malware: The good, the bad, or the ugly}},
 year = {2008}
}

@misc{Bundestrojaner2017Germany,
 key = {Bundestrojaner2017Germany},
 organization = {Deutscher Bundestag},
 title = {{Gesetz zur effektiveren und praxistauglicheren Ausgestaltung des Strafverfahrens}},
 year = {2017}
}

@misc{Bundestrojaner2018Austria,
 key = {Bundestrojaner2018Austria},
 organization = {Österreichischer Nationalrat},
 title = {{Strafprozessrechtsänderungsgesetz}},
 year = {2018}
}

@misc{Bundestrojaner2018France,
 key = {Bundestrojaner2018France},
 organization = {Assemblée nationale de France},
 title = {{LOI n$^\circ$ 2011-267 du 14 mars 2011 d'orientation et de programmation pour la performance de la sécurité intérieure}},
 year = {2018}
}

@misc{Bundestrojaner2018Switzerland,
 key = {Bundestrojaner2018Switzerland},
 organization = {Eidgenössisches Justizdepartement},
 title = {{Bundesgesetzes betreffend die Überwachung des Post- und Fernmeldeverkehrs}},
 year = {2018}
}

@misc{Bundestrojaner2018UKinvestigatory,
 key = {Bundestrojaner2018UKinvestigatory},
 organization = {Parliament of the United Kingdom},
 title = {{Regulation of Investigatory Powers Act 2000 c. 23}},
 year = {2018}
}

@misc{Bundestrojaner2018UKmisuseact,
 key = {Bundestrojaner2018UKmisuseact},
 organization = {Parliament of the United Kingdom},
 title = {{Computer Misuse Act 1990 c. 18}},
 year = {2018}
}

@inproceedings{Burow2019shadow,
 author = {Burow, Nathan and Zhang, Xinping and Payer, Mathias},
 booktitle = {S\&P},
 title = {SoK: Shining light on shadow stacks},
 year = {2019}
}

@article{bursztein2024generalized,
 author = {Bursztein, Elie and Invernizzi, Luca and Kr{\'a}l, Karel and Moghimi, Daniel and Picod, Jean-Michel and Zhang, Marina},
 journal = {CHES},
 title = {Generalized Power Attacks against Crypto Hardware using Long-Range Deep Learning},
 year = {2024}
}

@misc{businesswire2021mousemarket,
 author = {Business Wire},
 title = {{Mouse Global Market Opportunities And Strategies To 2031}},
 url = {https://www.businesswire.com/news/home/20221221005217/en/Global-4.25-Bn-Mouse-Market-Opportunities-and-Strategies-to-2031-Featuring-Logitech-Microsoft-HP-Apple-Dell---ResearchAndMarkets.com},
 year = {2021}
}

@inproceedings{Caballero2012,
 author = {Caballero, Juan and Grieco, Gustavo and Marron, Mark and Nappa, Antonio},
 booktitle = {{Proceedings of the 2012 International Symposium on Software Testing and Analysis}},
 organization = {ACM},
 pages = {133--143},
 title = {{Undangle: early detection of dangling pointers in use-after-free and double-free vulnerabilities}},
 year = {2012}
}

@article{cabodi2019model,
 author = {Cabodi, Gianpiero and Camurati, Paolo and Finocchiaro, Fabrizio and Vendraminetto, Danilo},
 journal = {MDPI Electronics},
 title = {Model-checking speculation-dependent security properties: Abstracting and reducing processor models for sound and complete verification},
 year = {2019}
}

@inproceedings{Cabuk2004,
 author = {Cabuk, Serdar and Brodley, Carla E and Shields, Clay},
 booktitle = {CCS'04},
 title = {{IP Covert Timing Channels: Design and Detection}},
 year = {2004}
}

@misc{cachegrab,
 author = {Keegan Ryan},
 title = {Cachegrab},
 url = {https://github.com/nccgroup/cachegrab},
 year = {2018}
}

@inproceedings{CacheQoS2016,
 author = {Andrew Herdrich and Edwin Verplanke and Priya Autee and Ramesh Illikkal and Chris Gianos and Ronak Singhal and Ravi Iyer},
 booktitle = {{IEEE HPCA}},
 title = {{Cache QoS: From concept to reality in the Intel Xeon processor E5-2600 v3 product family}},
 year = {2016}
}

@misc{CacheutilsLinux2020,
 author = {Jo Van Bulck},
 title = {cacheutils.h (Linux)},
 url = {https://github.com/jovanbulck/sgx-step/blob/master/app/lvi/cacheutils.h},
 year = {2020}
}

@misc{CacheutilsWindows2019,
 author = {IAIK},
 title = {cacheutils.h (Windows)},
 url = {https://github.com/IAIK/ZombieLoad/blob/master/attacker/variant3_windows/cacheutils_win.h},
 year = {2019}
}

@article{Cadar2008,
 author = {Cadar, Cristian and Ganesh, Vijay and Pawlowski, Peter M and Dill, David L and Engler, Dawson R},
 journal = {ACM Transactions on Information and System Security (TISSEC)},
 title = {{EXE: automatically generating inputs of death}},
 year = {2008}
}

@inproceedings{cadar2008klee,
 author = {Cadar, Cristian and Dunbar, Daniel and Engler, Dawson R and others},
 booktitle = {OSDI},
 title = {Klee: unassisted and automatic generation of high-coverage tests for complex systems programs.},
 year = {2008}
}

@inproceedings{cahn2016empirical,
 author = {Cahn, Aaron and Alfeld, Scott and Barford, Paul and Muthukrishnan, Shanmugavelayutham},
 booktitle = {WWW},
 title = {{An empirical study of web cookies}},
 year = {2016}
}

@inproceedings{Cai2009,
 author = {Cai, Xiang and Gui, Yuwei and Johnson, Rob},
 booktitle = {S\&P},
 title = {{Exploiting {UNIX} file-system races via algorithmic complexity attacks}},
 year = {2009}
}

@inproceedings{Cai2011,
 author = {Liang Cai and Hao Chen},
 booktitle = {{USENIX} Workshop on Hot Topics in Security -- {HotSec}},
 title = {{TouchLogger: Inferring Keystrokes on Touch Screen from Smartphone Motion}},
 year = {2011}
}

@inproceedings{Calder1995,
 author = {Calder, Brad and Grunwald, Dirk},
 booktitle = {ACM SIGARCH},
 title = {Next cache line and set prediction},
 year = {1995}
}

@inproceedings{Calzavara2016Content,
 author = {Calzavara, Stefano and Rabitti, Alvise and Bugliesi, Michele},
 booktitle = {{CCS}},
 title = {{Content Security Problems?: Evaluating the effectiveness of Content Security Policy in the Wild}},
 year = {2016}
}

@inproceedings{Calzavara2025DynamicSecurity,
 author = {Stefano Calzavara and
Samuele Casarin and
Riccardo Focardi},
 booktitle = {WWW},
 title = {Dynamic Security Analysis of JavaScript: Are We There Yet?},
 year = {2025}
}

@inproceedings{Canella2019A,
 author = {Canella, Claudio and Van Bulck, Jo and Schwarz, Michael and Lipp, Moritz and von Berg, Benjamin and Ortner, Philipp and Piessens, Frank and Evtyushkin, Dmitry and Gruss, Daniel},
 booktitle = {{USENIX Security}},
 note = {Extended classification tree and PoCs at https://transient.fail/.},
 title = {{A Systematic Evaluation of Transient Execution Attacks and Defenses}},
 year = {2019}
}

@inproceedings{canella2019fallout,
 author = {Canella, Claudio and Genkin, Daniel and Giner, Lukas and Gruss, Daniel and Lipp, Moritz and Minkin, Marina and Moghimi, Daniel and Piessens, Frank and Schwarz, Michael and Sunar, Berk and Van Bulck, Jo and Yarom, Yuval},
 booktitle = {CCS},
 organization = {ACM},
 title = {Fallout: Leaking Data on Meltdown-resistant CPUs},
 year = {2019}
}

@inproceedings{Canella2020attacks,
 author = {Canella, Claudio and Khasawneh, Khaled N. and Gruss, Daniel},
 booktitle = {GLSVLSI},
 title = {{The Evolution of Transient-Execution Attacks}},
 year = {2020}
}

@inproceedings{Canella2020defenses,
 author = {Canella, Claudio and Pudukotai Dinakarrao, Sai Manoj and Gruss, Daniel and Khasawneh, Khaled N.},
 booktitle = {GLSVLSI},
 title = {{Evolution of Defenses against Transient-Execution Attacks}},
 year = {2020}
}

@inproceedings{Canella2020kaslr,
 author = {Canella, Claudio and Schwarz, Michael and Haubenwallner, Martin and Schwarzl, Martin and Gruss, Daniel},
 booktitle = {AsiaCCS},
 title = {{KASLR: Break It, Fix It, Repeat}},
 year = {2020}
}

@inproceedings{canella2021automating,
 author = {Canella, Claudio and Werner, Mario and Gruss, Daniel and Schwarz, Michael},
 booktitle = {CCS},
 title = {{Automating seccomp filter generation for linux applications}},
 year = {2021}
}

@report{Canteaut2006,
 author = {Canteaut, Anne and Lauradoux, C\'{e}dric and Seznec, Andr\'{e}},
 institution = {Inria},
 title = {{Understanding cache attacks}},
 type = {techreport},
 year = {2006}
}

@inproceedings{Cao2017browser,
 author = {Cao, Yinzhi and Li, Song and Wijmans, Erik},
 booktitle = {{NDSS}},
 title = {{Browser Fingerprinting via OS and Hardware Level Features}},
 year = {2017}
}

@manual{capsicum,
 month = {03},
 note = {Available at \url{https://www.freebsd.org/cgi/man.cgi?capsicum(4)}},
 title = {CAPSICUM(4) BSD Kernel Interfaces Manual},
 year = {2020}
}

@inproceedings{Carlini2014COP,
 author = {Nicholas Carlini and
David A. Wagner},
 booktitle = {{USENIX} Security Symposium},
 title = {{ROP} is Still Dangerous: Breaking Modern Defenses},
 year = {2014}
}

@inproceedings{Carlini2015control,
 author = {Carlini, Nicholas and Barresi, Antonio and Payer, Mathias and Wagner, David and Gross, Thomas R},
 booktitle = {USENIX Security Symposium},
 title = {Control-Flow Bending: On the Effectiveness of Control-Flow Integrity.},
 year = {2015}
}

@inproceedings{Carmean2001P4,
 author = {Carmean, Doug},
 booktitle = {IEEE Hot Chips Symposium (HCS)},
 title = {{Pipline Depth Tradeoffs and the Intel Pentium 4 Processor}},
 year = {2001}
}

@inproceedings{Carmon2017,
 author = {Elad Carmon and Jean-Pierre Seifert and Avishai Wool},
 booktitle = {{HOST}'17},
 title = {Photonic Side Channel Attacks Against RSA},
 year = {2017}
}

@misc{Carpenter2018smatch,
 author = {Carpenter, Dan},
 title = {{Smatch check for Spectre stuff}},
 year = {2018}
}

@article{Carr1981,
 author = {Carr, Richard W and Hennessy, John L},
 journal = {ACM SIGOPS Operating Systems Review},
 number = {5},
 pages = {87--95},
 publisher = {ACM},
 title = {{WSCLOCK-a simple and effective algorithm for virtual memory management}},
 volume = {15},
 year = {1981}
}

@inproceedings{Carr2017datashield,
 author = {Carr, Scott A and Payer, Mathias},
 booktitle = {AsiaCCS},
 title = {Datashield: Configurable data confidentiality and integrity},
 year = {2017}
}

@misc{Carrette1996,
 author = {Carrette, George J},
 title = {{CRASHME: Random input testing}},
 year = {1996}
}

@inproceedings{Carroll2012,
 author = {Thomas E. Carroll and David Manz and Thomas Edgar and Frank L. Greitzer},
 booktitle = {Proceedings of the 2012 Workshop on Learning From Authoritative Security Experiment Results},
 title = {{Realizing Scientific Methods for Cyber Security}},
 year = {2012}
}

@misc{Carruth2018Hardening,
 author = {Carruth, Chandler},
 title = {{RFC: Speculative Load Hardening (a Spectre variant \#1 mitigation)}},
 year = {2018}
}

@misc{Carruth2018retpoline_patch,
 author = {Carruth, Chandler},
 month = {January},
 url = {https://reviews.llvm.org/D41723},
 year = {2018}
}

@misc{CarruthSLH,
 author = {Carruth, Chandler},
 title = {Speculative Load Hardening},
 url = {https://docs.google.com/document/d/1wwcfv3UV9ZnZVcGiGuoITT_61e_Ko3TmoCS3uXLcJR0/edit#heading=h.phdehs44eom6},
 year = {2018}
}

@inproceedings{carvalho2002gap,
 author = {Carvalho, Carlos},
 booktitle = {ICCA},
 title = {The gap between processor and memory speeds},
 year = {2002}
}

@misc{Carvalho2018MeltdownUncached,
 author = {Carvalho, Raphael},
 month = {Jan},
 title = {Twitter: Meltdown with Uncached Memory},
 url = {https://twitter.com/raphael_scarv/status/952078140028964864},
 year = {2018}
}

@inproceedings{Castes2024sharing,
 author = {Castes, Charly and Baumann, Andrew},
 booktitle = {{ASPLOS}},
 title = {{Sharing is leaking: blocking transient-execution attacks with core-gapped confidential VMs}},
 year = {2024}
}

@inproceedings{castryck2023efficient,
 author = {Castryck, Wouter and Decru, Thomas},
 booktitle = {Eurocrypt},
 title = {An efficient key recovery attack on SIDH},
 year = {2023}
}

@misc{CATPerformance2015,
 author = {Intel},
 title = {Improving Real-Time Performance by Utilizing Cache Allocation Technology: Enhancing Performance via Allocation of the Processor’s Cache},
 url = {https://www.intel.com/content/www/us/en/communications/cache-allocation-technology-white-paper.html},
 year = {2015}
}

@inproceedings{Caulfield2017us,
 author = {Caulfield, Tristan and Ioannidis, Christos and Pym, David},
 booktitle = {International Conference on Decision and Game Theory for Security},
 title = {The {US} Vulnerabilities Equities Process: An Economic Perspective},
 year = {2017}
}

@inproceedings{cauligi2017fact,
 author = {Cauligi, Sunjay and Soeller, Gary and Brown, Fraser and Johannesmeyer, Brian and Huang, Yunlu and Jhala, Ranjit and Stefan, Deian},
 booktitle = {2017 IEEE Cybersecurity Development (SecDev)},
 organization = {IEEE},
 pages = {69--76},
 title = {{FaCT: A flexible, constant-time programming language}},
 year = {2017}
}

@article{Cauligi2019,
 author = {Cauligi, Sunjay and Disselkoen, Craig and Gleissenthall, Klaus v and Stefan, Deian and Rezk, Tamara and Barthe, Gilles},
 journal = {arXiv:1910.01755},
 title = {{Towards Constant-Time Foundations for the New Spectre Era}},
 year = {2019}
}

@inproceedings{Cauligi2020Constant,
 author = {{Cauligi, Sunjay and Disselkoen, Craig and Gleissenthall, Klaus v and Tullsen, Dean and Stefan, Deian and Rezk, Tamara and Barthe, Gilles}},
 booktitle = {SIGPLAN},
 title = {Constant-time foundations for the new spectre era},
 year = {2020}
}

@misc{CBenchmarksGame,
 author = {The Computer Language Benchmarks Game},
 title = {{C Benchmarks Game}},
 url = {https://benchmarksgame-team.pages.debian.net/benchmarksgame/fastest/c.html},
 year = {2020}
}

@book{cci_400,
 author = {{ARM Limited}},
 edition = {r1p5},
 publisher = {ARM Limited},
 title = {{ARM CoreLink CCI-400 Cache Coherent Interconnect Technical Reference Manual}},
 year = {2015}
}

@techreport{celio2015boom,
 author = {Celio, Christopher and Patterson, David A. and Asanović, Krste},
 journal = {EECS Berkley},
 title = {{The Berkeley Out-of-Order Machine (BOOM): An Industry-Competitive, Synthesizable, Parameterized RISC-V Processor}},
 year = {2015}
}

@inproceedings{Cha2012Mayhem,
 author = {Cha, Sang Kil and Avgerinos, Thanassis and Rebert, Alexandre and Brumley, David},
 booktitle = {S\&P},
 title = {Unleashing Mayhem on Binary Code},
 year = {2012}
}

@article{Chakraborty2019,
 author = {Chakraborty, Anirban and Bhattacharya, Sarani and Mu\-kho\-pa\-dhy\-ay, Debdeep},
 journal = {arXiv:1905.12974},
 title = {{ExplFrame: Exploiting Page Frame Cache for Fault Analysis of Block Ciphers}},
 year = {2019}
}

@inproceedings{Chakraborty2023TALUS,
 author = {Dhiman Chakraborty and Michael Schwarz and Sven Bugiel},
 booktitle = {FC},
 title = {{TALUS: Reinforcing TEE Confidentiality with Cryptographic Coprocessors}},
 year = {2023}
}

@article{chakraborty2024shesha,
 author = {Chakraborty, Anirban and Mishra, Nimish and Mukhopadhyay, Debdeep},
 journal = {arXiv preprint},
 title = {Shesha: Multi-head Microarchitectural Leakage Discovery in new-generation Intel Processors},
 year = {2024}
}

@inbook{Challener2011,
 address = {Boston, MA},
 author = {Challener, David},
 booktitle = {Encyclopedia of Cryptography and Security},
 doi = {10.1007/978-1-4419-5906-5_796},
 isbn = {978-1-4419-5906-5},
 pages = {1332--1335},
 publisher = {Springer US},
 title = {{{Trusted Platform Module}}},
 url = {https://doi.org/10.1007/978-1-4419-5906-5_796},
 year = {2011}
}

@inproceedings{chandra2010separating,
 author = {Chandra, Ramesh and Gupta, Priya and Zeldovich, Nickolai},
 booktitle = {USENIX Conference on Web Application Development (WebApps)},
 title = {Separating Web Applications from User Data Storage with {BSTORE}},
 year = {2010}
}

@article{Chandrakasan1995,
 author = {A. P. {Chandrakasan} and R. W. {Brodersen}},
 journal = {Proceedings of the IEEE},
 title = {{Minimizing power consumption in digital CMOS circuits}},
 year = {1995}
}

@inproceedings{Chari2002template,
 author = {Chari, Suresh and Rao, Josyula R and Rohatgi, Pankaj},
 booktitle = {{CHES}},
 title = {{Template attacks}},
 year = {2002}
}

@misc{Charneski2015,
 author = {Andrew Charneski},
 title = {Modeling Network Latency},
 url = {https://blog.simiacryptus.com/2015/10/modeling-network-latency.html},
 year = {2015}
}

@misc{Chatzisofroniou2016efficient,
 author = {George Chatzisofroniou},
 title = {{Efficient Wi-Fi Phishing Attacks}},
 url = {https://census-labs.com/media/effective_wifi_phishing_33c3.pdf},
 year = {2016}
}

@misc{Chatzisofroniou2016extra,
 author = {George Chatzisofroniou},
 title = {{Extra Phishing Pages}},
 url = {https://github.com/wifiphisher/extra-phishing-pages},
 year = {2018}
}

@inproceedings{che2009rodinia,
 author = {Che, Shuai and Boyer, Michael and Meng, Jiayuan and Tarjan, David and Sheaffer, Jeremy W and Lee, Sang-Ha and Skadron, Kevin},
 booktitle = {International Symposium on Workload Characterization},
 title = {Rodinia: A benchmark suite for heterogeneous computing},
 year = {2009}
}

@inproceedings{Cheang2019formal,
 author = {Cheang, Kevin and Rasmussen, Cameron and Seshia, Sanjit and Subramanyan, Pramod},
 booktitle = {CSF},
 title = {A formal approach to secure speculation},
 year = {2019}
}

@inproceedings{Checkoway2010JOP,
 author = {Stephen Checkoway and
Lucas Davi and
Alexandra Dmitrienko and
Ahmad{-}Reza Sadeghi and
Hovav Shacham and
Marcel Winandy},
 booktitle = {{CCS}},
 title = {Return-oriented programming without returns},
 year = {2010}
}

@inproceedings{Checkoway2013,
 author = {Stephen Checkoway and
Hovav Shacham},
 booktitle = {ASPLOS},
 title = {Iago attacks: why the system call {API} is a bad untrusted {RPC} interface},
 year = {2013}
}

@misc{Chee2003,
 author = {Chee Hak Teh and Suryaprasad Kareenahalli and Zohar Bogin},
 no-note = {US Patent Grant 2009-09-08},
 no-url = {https://encrypted.google.com/patents/US7076617B2},
 number = {US7587547B2},
 title = {Dynamic update adaptive idle timer},
 year = {2006}
}

@inproceedings{Chen2004,
 author = {Chen, Wendy and Chang, Weide},
 booktitle = {{Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration}},
 title = {{Applying hidden Markov models to keystroke pattern analysis for password verification}},
 year = {2004}
}

@inproceedings{Chen2005data,
 author = {Chen, Shuo and Xu, Jun and Sezer, Emre Can and Gauriar, Prachi and Iyer, Ravishankar K},
 booktitle = {USENIX Security Symposium},
 title = {Non-Control-Data Attacks Are Realistic Threats.},
 year = {2005}
}

@misc{Chen2008LoongsonComputer,
 author = {Na, Chen},
 booktitle = {Chinese Academy of Sciences - News Updates},
 title = {A teraflop computer ''with Loongson inside''},
 year = {2008}
}

@inproceedings{Chen2009,
 author = {Chen, Liqun and Ryan, Mark},
 booktitle = {Proceedings of the 6th international conference on Formal Aspects in Security and Trust (FAST'09)},
 pages = {201--216},
 title = {{Attack, solution and verification for shared authorisation data in TCG TPM}},
 year = {2009}
}

@inproceedings{Chen2010rop,
 author = {Chen, Ping and Xing, Xiao and Han, Hao and Mao, Bing and Xie, Li},
 booktitle = {{ICISSP}},
 title = {{Efficient detection of the return-oriented programming malicious code}},
 year = {2010}
}

@report{Chen2010what,
 author = {Chen, Yanpei and Paxson, Vern and Katz, Randy H.},
 title = {{What{$\textquoteright$}s New About Cloud Computing Security?}},
 type = {techreport},
 year = {2010}
}

@thesis{Chen2014microcode,
 author = {Daming D. Chen and Gail-Joon Ahn},
 school = {Arizona State University},
 title = {{Security Analysis of x86 Processor Microcode}},
 year = {2014}
}

@inproceedings{Chen2014peeking,
 author = {Chen, Qi Alfred and Qian, Zhiyun and Mao, Zhuoqing Morley},
 booktitle = {{USENIX Security Symposium}},
 title = {{Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks.}},
 year = {2014}
}

@misc{Chen2016OSXKaslr,
 author = {Chen, Liang and He, Qidan},
 title = {{Shooting the OS X El Capitan Kernel Like a Sniper}},
 year = {2016}
}

@inproceedings{Chen2017,
 author = {Chen, Sanchuan and Zhang, Xiaokuan and Reiter, Michael K. and Zhang, Yinqian},
 booktitle = {AsiaCCS},
 title = {{Detecting Privileged Side-Channel Attacks in Shielded Execution with D\'ej\`a Vu}},
 year = {2017}
}

@inproceedings{Chen2018angora,
 author = {Chen, Peng and Chen, Hao},
 booktitle = {IEEE S\&P},
 title = {Angora: Efficient Fuzzing by Principled Search},
 year = {2018}
}

@article{Chen2018exploration,
 author = {Chen, Baozi and Wu, Qingbo and Tan, Yusong and Yang, Liu and Zou, Peng},
 journal = {IETE Technical Review},
 number = {sup1},
 pages = {119--127},
 title = {{Exploration for Software Mitigation to Spectre Attacks of Poisoning Indirect Branches}},
 volume = {35},
 year = {2018}
}

@inproceedings{Chen2018racing,
 author = {Chen, Guoxing and Wang, Wenhao and Chen, Tianyu and Chen, Sanchuan and Zhang, Yinqian and Wang, XiaoFeng and Lai, Ten-Hwang and Lin, Dongdai},
 booktitle = {S\&P},
 title = {Racing in hyperspace: closing hyper-threading side channels on SGX with contrived data races},
 year = {2018}
}

@inproceedings{Chen2018SGXpectre,
 author = {Chen, Guoxing and Chen, Sanchuan and Xiao, Yuan and Zhang, Yinqian and Lin, Zhiqiang and Lai, Ten H},
 booktitle = {EuroS\&P},
 title = {{SgxPectre Attacks: Stealing Intel Secrets from SGX Enclaves via Speculative Execution}},
 year = {2019}
}

@inproceedings{Chen2019defeating,
 author = {Chen, Guoxing and Li, Mengyuan and Zhang, Fengwei and Zhang, Yinqian},
 booktitle = {Dependable and Secure Computing (DSC)},
 title = {{Defeating Speculative-Execution Attacks on SGX with HyperRace}},
 year = {2019}
}

@inproceedings{Chen2020powerprint,
 author = {Chen, Jiong and He, Kun and Chen, Jing and Fang, Yingying and Du, Ruiying},
 booktitle = {Security and Communication Networks},
 title = {PowerPrint: Identifying Smartphones through Power Consumption of the Battery},
 year = {2020}
}

@inproceedings{chen2021voltpillager,
 author = {Chen, Zitai and Vasilakis, Georgios and Murdock, Kit and Dean, Edward and Oswald, David and Garcia, Flavio D},
 booktitle = {USENIX Security},
 title = {{VoltPillager}: Hardware-based fault injection attacks against Intel {SGX} Enclaves using the {SVID} voltage scaling interface},
 year = {2021}
}

@inproceedings{chen2023afterimage,
 author = {Chen, Yun and Pei, Lingfeng and Carlson, Trevor E},
 booktitle = {ASPLOS},
 title = {{AfterImage: Leaking control flow data and tracking load operations via the hardware prefetcher}},
 year = {2023}
}

@article{Chen2024BETA,
 author = {Chen, Congcong and Cui, Jinhua and Zhang, Jiliang},
 journal = {arXiv:2410.16648},
 title = {BETA: Automated Black-box Exploration for Timing Attacks in Processors},
 year = {2024}
}

@inproceedings{Chen2024prefetchx,
 author = {Chen, Yun and Hajiabadi, Ali and Pei, Lingfeng and Carlson, Trevor E},
 booktitle = {HPCA},
 title = {PrefetchX: Cross-core cache-agnostic prefetcher-based side-channel attacks},
 year = {2024}
}

@article{Cheng2000,
 author = {Cheng, Chih-Cheng},
 journal = {Berkeley Wireless Research Center, Tech. Rep},
 title = {The schemes and performances of dynamic branch predictors},
 year = {2000}
}

@inproceedings{Cheng2006,
 author = {Cheng, Winnie and Zhao, Qin and Yu, Bei and Hiroshige, Scott},
 booktitle = {{ISCC}},
 title = {{Tainttrace: Efficient flow tracing with dynamic binary rewriting}},
 year = {2006}
}

@article{Cheng2014,
 author = {Cheng, Yueqiang and Zhou, Zongwei and Miao, Yu and Ding, Xuhua and Deng, Huijie and others},
 booktitle = {{NDSS'14}},
 title = {{ROPecker: A generic and practical approach for defending against ROP attack}},
 year = {2014}
}

@article{Cheng2018,
 author = {Cheng, Yueqiang and Zhang, Zhi and Nepal, Surya},
 journal = {arXiv:1802.07060},
 title = {{Still Hammerable and Exploitable: on the Effectiveness of Software-only Physical Kernel Isolation}},
 year = {2018}
}

@inproceedings{Cheng2019demicpu,
 author = {Cheng, Yushi and Ji, Xiaoyu and Zhang, Juchuan and Xu, Wenyuan and Chen, Yi-Chao},
 booktitle = {CCS},
 title = {{DeMiCPU: Device Fingerprinting with Magnetic Signals Radiated by CPU}},
 year = {2019}
}

@misc{Chester2018,
 author = {Chester, Adam},
 title = {{Exploiting Windows 10 Kernel Drivers - NULL Pointer Dereference}},
 year = {2018}
}

@misc{Chiappetta2015,
 author = {Marco Chiappetta and Erkay Savas and Cemal Yilmaz},
 howpublished = {ePrint 2015/1034},
 title = {Real time detection of cache-based side-channel attacks using Hardware Performance Counters},
 year = {2015}
}

@misc{Chipsalliance2023Riscvdv,
 author = {{CHIPS Alliance}},
 title = {riscv-dv},
 url = {https://github.com/chipsalliance/riscv-dv},
 year = {2023}
}

@inproceedings{Chirica1973,
 author = {Chirica, LM and Dreisbach, TA and Martin, DF and Peetz, JG and Sorkin, A},
 booktitle = {{Proceedings of a symposium on High-level-language computer architecture}},
 organization = {ACM},
 pages = {141--151},
 title = {{Two PARALLEL EULER run time models: The dangling reference, impostor environment, and label problems}},
 year = {1973}
}

@inproceedings{Chiueh2001,
 author = {Chiueh, Tzi-cker and Hsu, Fu-Hau},
 booktitle = {Conference on Distributed Computing Systems},
 title = {RAD: A compile-time solution to buffer overflow attacks},
 year = {2001}
}

@article{Cho2008,
 author = {Cho, Sung-Jin and Choi, Un-Sook and Hwang, Yoon-Hee and Kim, Han-Doo},
 journal = {Computers \& Mathematics with Applications},
 title = {Design of new XOR-based hash functions for cache memories},
 year = {2008}
}

@inproceedings{Chou2001,
 author = {Chou, Andy and Yang, Junfeng and Chelf, Benjamin and Hallem, Seth and Engler, Dawson},
 booktitle = {Proceedings of the eighteenth ACM symposium on Operating systems principles (SOSP'01)},
 pages = {73--88},
 title = {An Empirical Study of Operating Systems Errors},
 year = {2001}
}

@inproceedings{Chow2004,
 author = {Chow, Jim and Pfaff, Ben and Garfinkel, Tal and Christopher, Kevin and Rosenblum, Mendel},
 booktitle = {{USENIX Security}},
 title = {Understanding Data Lifetime via Whole System Simulation},
 year = {2004}
}

@inproceedings{Christodorescu2009,
 author = {Christodorescu, Mihai and Sailer, Reiner and {Lee Schales}, Douglas and Sgandurra, Daniele and Zamboni, Diego},
 booktitle = {CCSW'09},
 title = {{Cloud Security Is Not (Just) Virtualization Security}},
 year = {2009}
}

@misc{Chrome2016JIT,
 author = {{Ross McIlroy}},
 month = {August},
 title = {{Firing up the Ignition Interpreter}},
 url = {https://v8project.blogspot.co.at/2016/08/firing-up-ignition-interpreter.html},
 year = {2017}
}

@misc{Chrome2017Debugger,
 author = {{Google}},
 title = {{chrome.debugger}},
 url = {https://developer.chrome.com/extensions/debugger},
 year = {2017}
}

@misc{Chrome2017jit,
 author = {{V8 Team}},
 title = {{Launching Ignition and TurboFan}},
 url = {https://v8project.blogspot.com/2017/05/launching-ignition-and-turbofan.html},
 year = {2017}
}

@misc{Chrome2017RDP,
 author = {{Google}},
 title = {{Chrome DevTools Protocol Viewer}},
 url = {https://developer.chrome.com/devtools/docs/debugger-protocol},
 year = {2017}
}

@misc{Chrome2019Build,
 author = {{Chrome Developers}},
 title = {{Transitioning from Chrome Apps}},
 url = {https://developer.chrome.com/docs/apps/migration/#build-chromeos-android},
 year = {2019}
}

@misc{chrome2019disable,
 author = {{Chrome for Developers}},
 title = {{Disable JavaScript}},
 url = {https://developer.chrome.com/docs/devtools/javascript/disable},
 year = {2019}
}

@misc{ChromeMojoAPI,
 author = {{Chromium}},
 title = {{Mojo in Chromium}},
 url = {https://chromium.googlesource.com/chromium/src.git/+/master/mojo/README.md},
 year = {2020}
}

@misc{Chromium18enablebuffers,
 author = {Smith, Ben},
 title = {{Enable SharedArrayBuffer by default on non-android}},
 year = {2018}
}

@misc{Chromium18mitigations,
 author = {{The Chromium Projects}},
 title = {{Actions required to mitigate Speculative Side-Channel Attack techniques}},
 year = {2018}
}

@misc{Chromium2018memoryconcepts,
 author = {Chromium},
 title = {{Key Concepts in Chrome Memory}},
 url = {https://chromium.googlesource.com/chromium/src/+/lkgr/docs/memory/key_concepts.md},
 year = {2018}
}

@misc{Chromium2018partitionalloc,
 author = {Chromium},
 title = {{PartitionAlloc Design}},
 url = {https://chromium.googlesource.com/chromium/src/+/lkcr/base/allocator/partition_allocator/PartitionAlloc.md},
 year = {2018}
}

@misc{Chromium2018SiteIsolation,
 author = {{The Chromium Projects}},
 title = {{Site Isolation}},
 year = {2018}
}

@misc{chromium2018webusbclassfiltering,
 author = {Chromium - blink-dev Mailinglist},
 title = {{Intent to Implement and Ship: WebUSB Interface Class Filtering}},
 url = {https://groups.google.com/a/chromium.org/g/blink-dev/c/LZXocaeCwDw/m/GLfAffGLAAAJ?pli=1},
 year = {2018}
}

@misc{Chromium2024Android,
 author = {The Chromium Project},
 title = {{Android WebView}},
 url = {{https://www.chromium.org/developers/androidwebview/}},
 year = {2024}
}

@misc{ChromiumBug2015,
 author = {{Chromium}},
 title = {{window.performance.now does not support sub-millisecond precision on Windows}},
 url = {https://bugs.chromium.org/p/chromium/issues/detail?id=158234#c110},
 year = {2015}
}

@misc{ChromiumSeccomp,
 author = {Chromium},
 title = {{Linux Sandboxing}},
 url = {https://chromium.googlesource.com/chromium/src/+/0e94f26e8/docs/linux_sandboxing.md}
}

@book{Chua2010rapid,
 author = {Chee Kai Chua and Kah Fai Leong and Chu Sing Lim},
 publisher = {World Scientific Publishing Company},
 title = {{Rapid Prototyping: Principles and Applications (with Companion CD-ROM) Third Edition}},
 year = {2010}
}

@misc{Cimpanu2020intelrsa,
 author = {Catalin Cimpanu},
 organization = {ZDNet},
 title = {Intel fixed 236 bugs in 2019 and only 5{\%} (11 bugs) were CPU vulnerabilities},
 url = {https://www.zdnet.com/article/intel-fixed-236-bugs-in-2019-and-only-5-11-bugs-were-cpu-vulnerabilities/},
 year = {2020}
}

@inproceedings{ciresan2011flexible,
 author = {Ciresan, Dan Claudiu and Meier, Ueli and Masci, Jonathan and Gambardella, Luca Maria and Schmidhuber, J{\"u}rgen},
 booktitle = {Twenty-Second International Joint Conference on Artificial Intelligence},
 title = {Flexible, high performance convolutional neural networks for image classification},
 year = {2011}
}

@misc{cisa2023top,
 author = {US Cybersecurity \& Infrastructure Security Agency (CISA)},
 title = {{2022 Top Routinely Exploited Vulnerabilities}},
 url = {{https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-215a}},
 year = {2023}
}

@inproceedings{Clark2005,
 author = {Clark, Christopher and Fraser, Keir and Hand, Steven and Hansen, Jacob Gorm and Jul, Eric and Limpach, Christian and Pratt, Ian and Warfield, Andrew},
 booktitle = {Proceedings of the 2nd conference on Symposium on Networked Systems Design \& Implementation (NSDI'05)},
 pages = {273--286},
 title = {{Live Migration of Virtual Machines}},
 year = {2005}
}

@inproceedings{Clark2016,
 author = {Clark, Mike},
 booktitle = {IEEE Hot Chips Symposium (HCS)},
 title = {A new x86 core architecture for the next generation of computing},
 year = {2016}
}

@inproceedings{Clavier2007IFA,
 author = {Clavier, Christophe},
 booktitle = {CHES},
 title = {Secret external encodings do not prevent transient fault analysis},
 year = {2007}
}

@inproceedings{clavier2011square,
 author = {Clavier, Christophe and Feix, Benoit and Gagnerot, Georges and Roussellet, Myl{\`e}ne and Verneuil, Vincent},
 booktitle = {INDOCRYPT},
 title = {Square always exponentiation},
 year = {2011}
}

@inproceedings{cloosters2020teerex,
 author = {Cloosters, Tobias and Rodler, Michael and Davi, Lucas},
 booktitle = {{USENIX Security Symposium}},
 title = {$\{$TeeRex$\}$: Discovery and exploitation of memory corruption vulnerabilities in $\{$SGX$\}$ enclaves},
 year = {2020}
}

@misc{Cloudflare2019Workers,
 author = {{Cloudflare}},
 title = {{Cloudflare Workers}},
 url = {https://www.cloudflare.com/products/cloudflare-workers/},
 year = {2019}
}

@misc{Cloudflare2019WorkersAnon,
 author = {{Anonymous}},
 title = {{Anonymized for Double Blind Submission}},
 url = {},
 year = {2019}
}

@misc{cloudflare_workers,
 author = {{Cloudflare Workers}},
 url = {https://www.cloudflare.com/products/cloudflare-workers/},
 year = {2019}
}

@misc{CNTEL0ACR,
 author = {arm.com},
 title = {{CNTEL0ACR, Counter-timer EL0 Access Control Register}},
 url = {https://developer.arm.com/documentation/ddi0601/2025-03/External-Registers/CNTEL0ACR--Counter-timer-EL0-Access-Control-Register},
 year = {2025}
}

@inproceedings{Cock2014timing,
 author = {Cock, David and Ge, Qian and Murray, Toby and Heiser, Gernot},
 booktitle = {{CCS}},
 title = {{The last mile: An empirical study of timing channels on seL4}},
 year = {2014}
}

@misc{CodeSourcery2021Itanium,
 author = {{CodeSourcery} and {Compaq} and {EDG} and {HP} and {IBM} and {Intel} and {Red Hat} and {SGI}},
 title = {{Itanium C++ ABI}},
 url = {https://itanium-cxx-abi.github.io/cxx-abi/abi.html},
 year = {2021}
}

@inproceedings{Cojocar2019ECC,
 author = {Cojocar, Lucian and Razavi, Kaveh and Giuffrida, Cristiano and Bos, Herbert},
 booktitle = {S\&P},
 title = {Exploiting correcting codes: On the effectiveness of ecc memory against rowhammer attacks},
 year = {2019}
}

@inproceedings{Cojocar2020,
 author = {Cojocar, Lucian and Kim, Jeremie and Patel, Minesh and Tsai, Lillian and Saroiu, Stefan and Wolman, Alec and Mutlu, Onur},
 booktitle = {S\&P},
 title = {Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providers},
 year = {2020}
}

@inproceedings{cojocar2020we,
 author = {Cojocar, Lucian and Kim, Jeremie and Patel, Minesh and Tsai, Lillian and Saroiu, Stefan and Wolman, Alec and Mutlu, Onur},
 booktitle = {IEEE Symposium on Security and Privacy (SP)},
 title = {Are we susceptible to rowhammer? an end-to-end methodology for cloud providers},
 year = {2020}
}

@report{Collange2010,
 author = {Collange, Sylvain},
 institution = {Universit\'{e} de Perpignan, France},
 title = {{Analyse de l{$\textquoteright$}architecture GPU Tesla}},
 type = {techreport},
 year = {2010}
}

@misc{Collins1998,
 author = {Robert R. Collins},
 title = {{The Pentium F00F Bug}},
 url = {http://www.rcollins.org/ddj/May98/F00FBug.html},
 year = {1998}
}

@inproceedings{Colp2011,
 author = {Colp, Patrick and Nanavati, Mihir and Zhu, Jun and Aiello, William and Coker, George and Deegan, Tim and Loscocco, Peter and Warfield, Andrew},
 booktitle = {Proceedings of the 23rd ACM Symposium on Operating Systems Principles (SOSP'11)},
 pages = {189--202},
 title = {{Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor}},
 year = {2011}
}

@article{Colvin2020abstract,
 author = {Colvin, Robert J and Winter, Kirsten},
 journal = {arXiv:2004.00577},
 title = {An abstract semantics of speculative execution for reasoning about security vulnerabilities},
 year = {2020}
}

@inproceedings{Condrat2007AGB,
 author = {Christopher Condrat and Priyank Kalla},
 booktitle = {International Conference on Tools and Algorithms for Construction and Analysis of Systems},
 title = {A Gr{\"o}bner Basis Approach to CNF-Formulae Preprocessing},
 year = {2007}
}

@inproceedings{connor2020pku,
 author = {Connor, Emma and McDaniel, Tyler and Smith, Jared M and Schuchard, Max},
 booktitle = {USENIX Security},
 title = {{PKU} pitfalls: Attacks on {PKU-based} memory isolation systems},
 year = {2020}
}

@inproceedings{Constable2023Aex,
 author = {Constable, Scott and Van Bulck, Jo and Cheng, Xiang and Xiao, Yuan and Xing, Cedric and Alexandrovich, Ilya and Kim, Taesoo and Piessens, Frank and Vij, Mona and Silberstein, Mark},
 booktitle = {USENIX},
 title = {AEX-Notify: Thwarting Precise Single-Stepping Attacks through Interrupt Awareness for Intel SGX Enclaves},
 year = {2023}
}

@inproceedings{constantin2025key,
 author = {Constantin-Sukul, Luccas Ruben J and Gammelgaard, Rasmus {\O} and Henriksen, Alexander N and Aranha, Diego},
 booktitle = {Proceedings of the Microarchitecture Security Conference},
 title = {Key recovery on static Kyber based on transient execution attacks},
 year = {2025}
}

@inproceedings{Cooper2010YCSB,
 author = {Cooper, Brian F and Silberstein, Adam and Tam, Erwin and Ramakrishnan, Raghu and Sears, Russell},
 booktitle = {ACM symposium on Cloud computing},
 title = {Benchmarking cloud serving systems with YCSB},
 year = {2010}
}

@inproceedings{Copos2015,
 author = {Copos, Bogdan and Murthy, Praveen},
 booktitle = {{5th Program Protection and Reverse Engineering Workshop}},
 title = {{Inputfinder: Reverse engineering closed binaries using hardware performance counters}},
 year = {2015}
}

@inproceedings{Coppens2009,
 author = {Coppens, Bart and Verbauwhede, Ingrid and {De Bosschere}, Koen and {De Sutter}, Bjorn},
 booktitle = {S\&P'09},
 title = {{Practical mitigations for timing-based side-channel attacks on modern x86 processors}},
 year = {2009}
}

@inproceedings{corbato1965introduction,
 author = {Corbat{\'o}, Fernando J and Vyssotsky, Victor A},
 booktitle = {AFIPS Fall Joint Computing Conference},
 title = {Introduction and overview of the Multics system},
 year = {1965}
}

@techreport{Corbato1968paging,
 author = {Corbato, Fernando J},
 institution = {Massachusetts Institute of Technology, Cambridge},
 title = {{A paging experiment with the multics system}},
 year = {1968}
}

@misc{Corbet2015Kernel,
 author = {Corbet, Jonathan},
 title = {{Some kernel memory-allocation improvements}},
 url = {https://lwn.net/Articles/658081/},
 year = {2015}
}

@misc{Corbet2016,
 author = {Corbet, Jonathan},
 month = {October},
 title = {Defending against {Rowhammer} in the kernel},
 url = {https://lwn.net/Articles/704920/},
 year = {2016}
}

@misc{Corbet2018smatch,
 author = {Corbet, Jonathan},
 month = {April},
 title = {{Finding Spectre vulnerabilities with smatch}},
 url = {https://lwn.net/Articles/752408/},
 year = {2018}
}

@misc{Corbet2018spectrebtb,
 author = {Corbet, Jonathan},
 month = {September},
 title = {{Strengthening user-space Spectre v2 protection}},
 year = {2018}
}

@misc{Corbet2018stackleak,
 author = {Corbet, Jonathan},
 month = {March},
 title = {{Preventing kernel-stack leaks}},
 url = {https://lwn.net/Articles/748642/},
 year = {2018}
}

@misc{Corbet2019defending,
 author = {Corbet, Jonathan},
 month = {January},
 title = {{Defending against page-cache attacks}},
 url = {https://lwn.net/Articles/776801/},
 year = {2019}
}

@misc{Corbet2019fixing,
 author = {Corbet, Jonathan},
 month = {February},
 title = {{Fixing page-cache side channels, second attempt}},
 url = {https://lwn.net/Articles/778437/},
 year = {2019}
}

@misc{Corbet2019umwait,
 author = {Corbet, Jonathan},
 title = {{Short waits with umwait}},
 url = {https://lwn.net/Articles/790920/},
 year = {2019}
}

@misc{Corbet2022pcp,
 author = {Corbet, Jonathan},
 title = {{Remote per-CPU page list draining}},
 url = {https://lwn.net/Articles/884448/},
 year = {2022}
}

@article{corbet2022stuffing,
 author = {Corbet, Jonathan},
 journal = {{LWN.net}},
 title = {Stuffing the return stack buffer},
 year = {2022}
}

@inproceedings{Coron1999,
 author = {Coron, Jean-S{\'e}bastien},
 booktitle = {CHES},
 title = {Resistance against differential power analysis for elliptic curve cryptosystems},
 year = {1999}
}

@article{Cortes2015surveillance,
 author = {Cortes, Sarah},
 title = {{Legalizing Domestic Surveillance: The Role of Mutual Legal Assistance Treaties in Deanonymizing TorBrowser Technology}},
 year = {2015}
}

@article{Costan2016,
 author = {Costan, Victor and Devadas, Srinivas},
 journal = {Cryptology ePrint Archive, Report 2016/086},
 title = {{Intel SGX Explained}},
 year = {2016}
}

@inproceedings{costello2020supersingular,
 author = {Costello, Craig},
 booktitle = {SAC},
 title = {Supersingular isogeny key exchange for beginners},
 year = {2020}
}

@inproceedings{Cowan1998,
 author = {Cowan, Crispan and Pu, Calton and Maier, Dave and Walpole, Jonathan and Bakke, Peat and Beattie, Steve and Grier, Aaron and Wagle, Perry and Zhang, Qian and Hinton, Heather},
 booktitle = {USENIX Security},
 title = {Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks.},
 year = {1998}
}

@inproceedings{Cowan2001raceguard,
 author = {Cowan, Crispin and Beattie, Steve and Wright, Chris and Kroah-Hartman, Greg},
 booktitle = {{USENIX Security Symposium}},
 title = {{RaceGuard: Kernel Protection From Temporary File Race Vulnerabilities.}},
 year = {2001}
}

@book{cox2013ideals,
 author = {Cox, David and Little, John and OShea, Donal},
 publisher = {Springer Science \& Business Media},
 title = {{Ideals, varieties, and algorithms: an introduction to computational algebraic geometry and commutative algebra}},
 year = {2013}
}

@inproceedings{Craaijo2024LibLisa,
 author = {Craaijo, Jos and Verbeek, Freek and Ravindran, Binoy},
 booktitle = {OOPSLA},
 title = {{libLISA: Instruction Discovery and Analysis on x86-64}},
 year = {2024}
}

@book{Crama2011,
 author = {Crama, Yves and Hammer, Peter L},
 isbn = {9780521847513},
 publisher = {Cambridge University Press},
 title = {Boolean functions: Theory, algorithms, and applications},
 year = {2011}
}

@inproceedings{Crandall2006temporal,
 author = {Crandall, Jedidiah R and Wassermann, Gary and de Oliveira, Daniela AS and Su, Zhendong and Wu, S Felix and Chong, Frederic T},
 booktitle = {ACM SIGARCH Computer Architecture News},
 title = {Temporal search: Detecting hidden malware timebombs with virtual machines},
 volume = {34},
 year = {2006}
}

@inproceedings{Crane2015,
 author = {Crane, Stephen and Homescu, Andrei and Brunthaler, Stefan and Larsen, Per and Franz, Michael},
 booktitle = {NDSS},
 title = {Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity},
 year = {2015}
}

@inproceedings{crane2015readactor,
 author = {Crane, Stephen and Liebchen, Christopher and Homescu, Andrei and Davi, Lucas and Larsen, Per and Sadeghi, Ahmad-Reza and Brunthaler, Stefan and Franz, Michael},
 booktitle = {S\&P},
 title = {Readactor: Practical code randomization resilient to memory disclosure},
 year = {2015}
}

@misc{Crenshaw2010HID,
 author = {Crenshaw, Adrian},
 title = {{Programmable HID USB Keystroke Dongle: Using the Teensy as a pen testing device}},
 url = {http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke-dongle},
 year = {2010}
}

@inproceedings{cronin2019fetching,
 author = {Cronin, Patrick and Yang, Chengmo},
 booktitle = {HOST},
 title = {{A fetching tale: Covert communication with the hardware prefetcher}},
 year = {2019}
}

@inproceedings{Cronin2021arm,
 author = {Cronin, Patrick and Gao, Xing and Wang, Haining and Cotton, Chase},
 booktitle = {ACSAC},
 title = {An Exploration of ARM System-Level Cache and GPU Side Channels},
 year = {2021}
}

@article{Crosby2009,
 author = {Crosby, Scott A and Wallach, Dan S and Riedi, Rudolf H},
 journal = {ACM Transactions on Information and System Security (TISSEC)},
 number = {3},
 pages = {17},
 publisher = {ACM},
 title = {{Opportunities and limits of remote timing attacks}},
 volume = {12},
 year = {2009}
}

@misc{CrosstoolNG1.27.0,
 author = {crosstool-ng},
 title = {Crosstool-NG version 1.27.0},
 url = {https://crosstool-ng.github.io/},
 year = {2025}
}

@misc{Crowthers2011,
 author = {Doug Crowthers},
 month = {June},
 title = {Can You Get More Space Or Speed From Your SSD?},
 url = {https://www.tomshardware.com/reviews/ssd-performance-tweak,2911-4.html},
 year = {2011}
}

@misc{cryptoswift,
 author = {Marcin Krzyzanowski},
 title = {{CryptoSwift: Growing collection of standard and secure cryptographic algorithms implemented in Swift}},
 url = {https://cryptoswift.io},
 year = {2019}
}

@misc{Cryptpad2025Cryptpad,
 author = {{CryptPad Team }},
 title = {{CryptPad}: End-to-End Encrypted Collaboration Suite},
 url = {https://cryptpad.org/},
 year = {2025}
}

@misc{Cryptsetup2025LUKSV2.8.1,
 author = {cryptsetup},
 title = {LUKS - Linux Unified Key Setup, Version 2.8.1},
 url = {https://gitlab.com/cryptsetup/cryptsetup/-/blob/9cfdd6ba068b375a2b6cda429b3f92388448dd67/README.md},
 year = {2025}
}

@misc{CSID2012,
 author = {CSID},
 title = {{Consumer Survey: Password Habits}},
 url = {http://www.csid.com/wp-content/uploads/2012/09/CS_PasswordSurvey_FullReport_FINAL.pdf},
 year = {2012}
}

@inproceedings{Culbertson2018performance,
 author = {Culbertson, Leslie},
 month = {May},
 organization = {Intel},
 title = {Addressing New Research for Side-Channel Analysis},
 year = {2018}
}

@misc{Cutress2018i9,
 author = {Ian Cutress},
 title = {Analyzing {Core} i9-{9900K} Performance with {Spectre} and {Meltdown} Hardware Mitigations},
 url = {https://www.anandtech.com/show/13659/analyzing-core-i9-9900k-performance-with-spectre-and-meltdown-hardware-mitigations},
 year = {2018}
}

@misc{Cutress2018Spectre,
 author = {Cutress, Ian},
 month = {August},
 title = {{Spectre and Meltdown in Hardware: Intel Clarifies Whiskey Lake and Amber Lake}},
 url = {https://www.anandtech.com/show/13301/spectre-and-meltdown-in-hardware-intel-clarifies-whiskey-lake-and-amber-lake},
 year = {2018}
}

@misc{Cuyt2019,
 author = {Sven Cuyt},
 howpublished = {Master Thesis, KU Leuven},
 title = {{A Security Analysis of Interrupts in Embedded Enclaved Execution}},
 year = {2019}
}

@misc{CVE-2014-4699,
 month = {August},
 organization = {{CVE}},
 title = {{CVE}-2014-4699},
 year = {2014}
}

@misc{CVE-2015-8550,
 month = {December},
 organization = {{CVE}},
 title = {{CVE}-2015-8550},
 year = {2015}
}

@misc{CVE-2016-6516,
 month = {August},
 organization = {{CVE}},
 title = {{CVE}-2016-6516},
 year = {2016}
}

@misc{CVE-2020-24512,
 organization = {{CVE}},
 title = {{CVE}-2020-24512},
 year = {2020}
}

@misc{CVEachang,
 note = {{CVE-2015-5307}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2015-5307}},
 url = {https://nvd.nist.gov/vuln/detail/cve-2015-5307},
 year = {2015}
}

@misc{CVEamdcorehang,
 note = {{CVE-2021-26339}},
 organization = {{MITRE}},
 title = {{CVE-2021-26339}},
 url = {https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26339},
 year = {2021}
}

@misc{CVEcrosstalk,
 note = {{Special Register Buffer Data Sampling (SRBDS)}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2020-0543}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2020-0543},
 year = {2020}
}

@misc{CVEdbhang,
 note = {{CVE-2015-8104}},
 organization = {{MITRE}},
 title = {{CVE-2015-8104}},
 url = {https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104},
 year = {2015}
}

@misc{CVEfillbuffer,
 note = {{Microarchitectural Fill Buffer Data Sampling (MFBDS)}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2018-12130}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2018-12130},
 year = {2019}
}

@misc{CVEitlbmultihit,
 note = {{CVE-2018-12207}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2018-12207}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2018-12207},
 year = {2018}
}

@misc{CVEl1dsampling,
 note = {{L1D Eviction Sampling (L1DES)}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2020-0549}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2020-0549},
 year = {2020}
}

@misc{CVEloadport,
 note = {{Microarchitectural Load Port Data Sampling (MLPDS)}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2018-12127}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2018-12127},
 year = {2019}
}

@misc{CVElvi,
 note = {{Load Value Injection (LVI)}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2020-0551}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2020-0551},
 year = {2020}
}

@misc{CVEmeltdown,
 note = {{Meltdown}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2017-5754}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2017-5754},
 year = {2018}
}

@misc{CVEsnoopy,
 note = {{Snoop-Assisted L1D Sampling}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2020-0550}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2020-0550},
 year = {2020}
}

@misc{CVEspectrev1,
 note = {{Spectre V1: Bounds Check Bypass}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2017-5753}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2017-5753},
 year = {2018}
}

@misc{CVEspectrev2,
 note = {{Spectre V2: Branch Target Injection}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2017-5715}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2017-5715},
 year = {2018}
}

@misc{CVEstorebuffer,
 note = {{Microarchitectural Store Buffer Data Sampling (MSBDS)}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2018-12126}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2018-12126},
 year = {2019}
}

@misc{CVEtaa,
 note = {{TSX Asynchronous Abort (TAA)}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2019-11135}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2019-11135},
 year = {2019}
}

@misc{CVEuncacheable,
 note = {{Microarchitectural Data Sampling Uncacheable Memory (MDSUM)}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2019-11091}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2019-11091},
 year = {2019}
}

@misc{CVEvectorsampling,
 note = {{Vector Register Sampling (VRS)}},
 organization = {{NIST National Vulnerability Database}},
 title = {{CVE-2020-0548}},
 url = {https://nvd.nist.gov/vuln/detail/CVE-2020-0548},
 year = {2020}
}

@misc{CWE-365,
 author = {{MITRE}},
 title = {{CWE}-365: Race Condition in Switch},
 url = {https://cwe.mitre.org/data/definitions/365.html},
 year = {2017}
}

@misc{CWE-416,
 author = {{MITRE}},
 title = {{CWE}-416: Use After Free},
 url = {https://cwe.mitre.org/data/definitions/416.html},
 year = {2020}
}

@misc{CWE-688,
 author = {{MITRE}},
 title = {{CWE}-688: Function Call With Incorrect Variable or Reference as Argument},
 url = {https://cwe.mitre.org/data/definitions/688.html},
 year = {2020}
}

@misc{CWE-689,
 author = {{MITRE}},
 title = {{CWE}-689: Permission Race Condition During Resource Copy},
 url = {https://cwe.mitre.org/data/definitions/689.html},
 year = {2020}
}

@book{Daemen2013aes,
 author = {Daemen, Joan and Rijmen, Vincent},
 title = {The design of Rijndael: {AES}-the advanced encryption standard},
 year = {2013}
}

@inproceedings{Dai2022mesh,
 author = {Dai, Miles and Paccagnella, Riccardo and Gomez-Garcia, Miguel and McCalpin, John and Yan, Mengjia},
 booktitle = {USENIX Security Symposium},
 title = {Don{\textquoteright}t Mesh Around: {Side-Channel} Attacks and Mitigations on Mesh Interconnects},
 year = {2022}
}

@inproceedings{Dai2023ChatGPT,
 author = {Dai, Wei and Lin, Jionghao and Jin, Hua and Li, Tongguang and Tsai, Yi-Shan and Ga{\v{s}}evi{\'c}, Dragan and Chen, Guanliang},
 booktitle = {IEEE International Conference on Advanced Learning Technologies (ICALT)},
 title = {Can large language models provide feedback to students? A case study on ChatGPT},
 year = {2023}
}

@article{Dalins2018criminal,
 author = {Dalins, Janis and Wilson, Campbell and Carman, Mark},
 journal = {Digital Investigation},
 title = {{Criminal motivation on the dark web: A categorisation model for law enforcement}},
 year = {2018}
}

@inproceedings{Dall2018cachequote,
 author = {Dall, Fergus and De Micheli, Gabrielle and Eisenbarth, Thomas and Genkin, Daniel and Heninger, Nadia and Moghimi, Ahmad and Yarom, Yuval},
 booktitle = {CHES},
 title = {{Cachequote: Efficiently recovering long-term secrets of SGX EPID via cache attacks}},
 year = {2018}
}

@inproceedings{Danev2011,
 author = {Danev, Boris and Masti, Ramya Jayaram and Karame, Ghassan O. and Capkun, Srdjan},
 booktitle = {Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC'11)},
 pages = {187--196},
 title = {{Enabling secure VM-vTPM migration in private clouds}},
 year = {2011}
}

@inproceedings{Daniel2020Binsec,
 author = {Daniel, Lesly-Ann and Bardin, S{\'e}bastien and Rezk, Tamara},
 booktitle = {S\&P},
 title = {{Binsec/rel: Efficient relational symbolic execution for constant-time at binary-level}},
 year = {2020}
}

@inproceedings{Daniel2021hunting,
 author = {Daniel, Lesly-Ann and Bardin, S{\'e}bastien and Rezk, Tamara},
 booktitle = {NDSS},
 title = {Hunting the Haunter-Efficient Relational Symbolic Execution for Spectre with Haunted RelSE},
 year = {2021}
}

@inproceedings{daniel2023prospect,
 author = {Daniel, Lesly-Ann and Bognar, Marton and Noorman, Job and Bardin, S{\'e}bastien and Rezk, Tamara and Piessens, Frank},
 booktitle = {USENIX Security},
 title = {$\{$ProSpeCT$\}$: Provably Secure Speculation for the $\{$Constant-Time$\}$ Policy},
 year = {2023}
}

@inproceedings{Danisevskis2013,
 author = {Danisevskis, Janis and Piekarska, Marta and Seifert, Jean-Pierre},
 booktitle = {Proceedings of the 16th Annual International Conference on Information Security and Cryptology (ICISC'13)},
 title = {{Dark Side of the Shader: Mobile GPU-aided Malware Delivery}},
 year = {2013}
}

@article{DAntoine2017out,
 author = {d’Antoine, Sophia and Blackthorne, Jeremy and Yener, B{\"u}lent},
 journal = {ROOTS},
 title = {{Out-of-Order Execution as a Cross-VM Side-Channel and Other Applications}},
 year = {2017}
}

@article{Daryabar2011investigation,
 author = {Daryabar, Farid and Dehghantanha, Ali and Broujerdi, Hoorang Ghasem},
 journal = {International Journal of Digital Information and Wireless Communications (IJDIWC)},
 number = {3},
 publisher = {The Society of Digital Information and Wireless Communication},
 title = {{Investigation of malware defence and detection techniques}},
 volume = {1},
 year = {2011}
}

@inproceedings{Das2014,
 author = {Das, Anupam and Bonneau, Joseph and Caesar, Matthew and Borisov, Nikita and Wang, XiaoFeng},
 booktitle = {{NDSS'14}},
 title = {{The Tangled Web of Password Reuse.}},
 year = {2014}
}

@inproceedings{Das2019Sok,
 author = {Das, Sanjeev and Werner, Jan and Antonakakis, Manos and Polychronakis, Michalis and Monrose, Fabian},
 booktitle = {2019 IEEE Symposium on Security and Privacy (SP)},
 organization = {IEEE},
 pages = {20--38},
 title = {SoK: The challenges, pitfalls, and perils of using hardware performance counters for security},
 year = {2019}
}

@inproceedings{dasgupta2019complete,
 author = {Dasgupta, Sandeep and Park, Daejun and Kasampalis, Theodoros and Adve, Vikram S and Ro{\c{s}}u, Grigore},
 booktitle = {PLDI},
 title = {A complete formal semantics of x86-64 user-level instruction set architecture},
 year = {2019}
}

@misc{Datavisor2024fingerprint,
 author = {Data Visor},
 title = {{Device Fingerprinting}},
 url = {{https://www.datavisor.com/wiki/device-fingerprinting/}},
 year = {2024}
}

@misc{Davenport2014,
 author = {Shaun Davenport and Richard Ford},
 month = {January},
 title = {{SGX: the good, the bad and the downright ugly}},
 url = {https://www.virusbulletin.com/virusbulletin/2014/01/sgx-good-bad-and-downright-ugly},
 year = {2014}
}

@inproceedings{Davi2011,
 author = {Davi, Lucas and Sadeghi, Ahmad-Reza and Winandy, Marcel},
 booktitle = {{ASIACCS}},
 title = {{ROPdefender: A detection tool to defend against return-oriented programming attacks}},
 year = {2011}
}

@inproceedings{David2011,
 author = {David, Howard and Fallin, Chris and Gorbatov, Eugene and Hanebutte, Ulf R and Mutlu, Onur},
 booktitle = {{ACM International Conference on Autonomic Computing}},
 title = {{Memory power management via dynamic voltage/frequency scaling}},
 year = {2011}
}

@inproceedings{Davidson2013Fie,
 author = {Davidson, Drew and Moench, Benjamin and Ristenpart, Thomas and Jha, Somesh},
 booktitle = {USENIX},
 title = {$\{$FIE$\}$ on firmware: Finding vulnerabilities in embedded systems using symbolic execution},
 year = {2013}
}

@inproceedings{Davidsson2019,
 author = {Davidsson, Nicolai and Pawlowski, Andre and Holz, Thorsten},
 booktitle = {{ESORICS}},
 title = {Towards automated application-specific software stacks},
 year = {2019}
}

@article{davis2019algorithm,
 author = {Davis, Timothy A},
 journal = {TOMS},
 title = {{Algorithm 1000: SuiteSparse: GraphBLAS: Graph algorithms in the language of sparse linear algebra}},
 year = {2019}
}

@inproceedings{de2008z3,
 author = {De Moura, Leonardo and Bj{\o}rner, Nikolaj},
 booktitle = {TACAS},
 title = {Z3: An efficient SMT solver},
 year = {2008}
}

@article{de2017mathematics,
 author = {De Feo, Luca},
 journal = {arXiv preprint arXiv:1711.04062},
 title = {Mathematics of isogeny based cryptography},
 year = {2017}
}

@inproceedings{de2021smash,
 author = {de Ridder, Finn and Frigo, Pietro and Vannacci, Emanuele and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},
 booktitle = {USENIX},
 title = {SMASH: Synchronized Many-sided Rowhammer Attacks from JavaScript.},
 year = {2021}
}

@inproceedings{de_moura2008z3,
 author = {De Moura, Leonardo and Bj\o{}rner, Nikolaj},
 booktitle = {Proceedings of the Theory and Practice of Software, 14th International Conference on Tools and Algorithms for the Construction and Analysis of Systems},
 title = {Z3: an efficient SMT solver},
 year = {2008}
}

@misc{Dean2019loading,
 author = {Brian Dean},
 title = {We Analyzed 5.2 Million Desktop and Mobile Pages. Here's What We Learned About Page Speed},
 url = {https://backlinko.com/page-speed-stats},
 year = {2019}
}

@misc{Debian2022Chipsrisc,
 author = {{Debian Wiki}},
 title = {{ASIC implementations, i.e. "real" CPU chips}},
 url = {https://wiki.debian.org/RISC-V#ASIC_implementations.2C_i.e._.22real.22_CPU_chips},
 year = {2022}
}

@misc{DebianSSD,
 key = {Debian Wiki Team},
 month = {March},
 title = {SSDOptimization},
 url = {https://wiki.debian.org/SSDOptimization},
 year = {2018}
}

@misc{Decker2022Singular,
 author = {Decker, Wolfram and Greuel, Gert-Martin and Pfister, Gerhard and Sch\"onemann, Hans},
 title = {{\sc Singular} {4-3-0} --- {A} computer algebra system for polynomial computations},
 year = {2022}
}

@misc{DefineQualityDedicatedRoot,
 author = {DefineQuality Hosting},
 title = {Highend Dedicated Rootserver},
 url = {https://definequality.net/dedicated.php},
 year = {2018}
}

@book{deisenroth2020mathematics,
 author = {Deisenroth, Marc Peter and Faisal, A Aldo and Ong, Cheng Soon},
 title = {Mathematics for machine learning},
 year = {2020}
}

@misc{Demeulemeester2019,
 author = {Samuel Demeulemeester},
 title = {{Investigating the HCF instruction on Motorola 6800}},
 url = {https://x86.fr/investigating-the-halt-and-catch-fire-instruction-on-motorola-6800/},
 year = {2019}
}

@article{Demme2013,
 author = {Demme, John and Maycock, Matthew and Schmitz, Jared and Tang, Adrian and Waksman, Adam and Sethumadhavan, Simha and Stolfo, Salvatore},
 journal = {ACM SIGARCH Computer Architecture News},
 number = {3},
 pages = {559--570},
 publisher = {ACM},
 title = {On the feasibility of online malware detection with performance counters},
 volume = {41},
 year = {2013}
}

@inproceedings{DeMoura2008,
 author = {De Moura, Leonardo and Bj{\o{}}rner, Nikolaj},
 booktitle = {International conference on Tools and Algorithms for the Construction and Analysis of Systems},
 organization = {Springer},
 pages = {337--340},
 title = {Z3: An efficient SMT solver},
 year = {2008}
}

@inproceedings{den2002dpa,
 author = {den Boer, Bert and Lemke, Kerstin and Wicke, Guntram},
 booktitle = {International Workshop on Cryptographic Hardware and Embedded Systems},
 organization = {Springer},
 pages = {228--243},
 title = {{A DPA attack against the modular reduction within a CRT implementation of RSA}},
 year = {2002}
}

@article{deng2013time,
 author = {Deng, Houtao and Runger, George and Tuv, Eugene and Vladimir, Martyanov},
 journal = {Information Sciences},
 title = {A time series forest for classification and feature extraction},
 volume = {239},
 year = {2013}
}

@inproceedings{Deng2019Secure,
 author = {Deng, Shuwen and Xiong, Wenjie and Szefer, Jakub},
 booktitle = {ISCA},
 title = {{Secure TLBs}},
 year = {2019}
}

@inproceedings{deng2021new,
 author = {Deng, Shuwen and Szefer, Jakub},
 booktitle = {DAC},
 title = {New predictor-based attacks in processors},
 year = {2021}
}

@article{Denning1968,
 author = {Denning, Peter J},
 journal = {Communications of the ACM},
 number = {5},
 pages = {323--333},
 publisher = {ACM},
 title = {{The working set model for program behavior}},
 volume = {11},
 year = {1968}
}

@article{denning1976lattice,
 author = {Denning, Dorothy E},
 journal = {Commun. ACM},
 title = {A lattice model of secure information flow},
 year = {1976}
}

@article{denning1977certification,
 author = {Denning, Dorothy E and Denning, Peter J},
 journal = {Commun. ACM},
 title = {Certification of programs for secure information flow},
 year = {1977}
}

@article{Denning1980,
 author = {Denning, Peter J.},
 journal = {IEEE Transactions on Software Engineering},
 number = {1},
 pages = {64--84},
 publisher = {IEEE},
 title = {{Working sets past and present}},
 year = {1980}
}

@article{Depoix2018detecting,
 author = {Depoix, Jonas and Altmeyer, Philipp},
 journal = {Advanced Microkernel Operating Systems},
 title = {Detecting Spectre Attacks by identifying Cache Side-Channel Attacks using Machine Learning},
 volume = {75},
 year = {2018}
}

@inproceedings{deRidder2021smash,
 author = {de Ridder, Finn and Frigo, Pietro and Vannacci, Emanuele and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},
 booktitle = {USENIX Security Symposium},
 title = {SMASH: Synchronized Many-sided Rowhammer Attacks from JavaScript},
 year = {2021}
}

@inproceedings{Dessouky2019,
 author = {Dessouky, Ghada and Gens, David and Haney, Patrick and Persyn, Garrett and Kanuparthi, Arun and Khattri, Hareesh and Fung, Jason M and Sadeghi, Ahmad-Reza and Rajendran, Jeyavijayan},
 booktitle = {USENIX Security Symposium},
 title = {{HardFails: Insights into Software-Exploitable Hardware Bugs}},
 year = {2019}
}

@online{Deveria2016,
 author = {Alexis Deveria},
 title = {Can I use... Support tables for HTML5, CSS3, etc.},
 url = {http://caniuse.com/},
 year = {2018}
}

@inproceedings{Dey2014,
 author = {Dey, Sanorita and Roy, Nirupam and Xu, Wenyuan and Choudhury, Romit Roy and Nelakuditi, Srihari},
 booktitle = {{NDSS}},
 title = {{Accelprint: Imperfections of accelerometers make smartphones trackable}},
 year = {2014}
}

@book{Dhamdhere1999,
 author = {Dhamdhere, Dhananjay M},
 publisher = {Tata McGraw-Hill},
 title = {Systems Programming and Operating Systems},
 year = {1999}
}

@inproceedings{Dhurjati2006,
 author = {Dhurjati, Dinakar and Adve, Vikram},
 booktitle = {{DSN}},
 title = {{Efficiently detecting all dangling pointer uses in production servers}},
 year = {2006}
}

@inproceedings{Diao2016,
 author = {Wenrui Diao and Xiangyu Liu and Zhou Li and Kehuan Zhang},
 booktitle = {S\&P},
 title = {{No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis}},
 year = {2016}
}

@inproceedings{didier2022characterizing,
 author = {Didier, Guillaume and Maurice, Cl{\'e}mentine and Geimer, Antoine and Ghandour, Walid J},
 booktitle = {SBAC-PAD},
 title = {{Characterizing Prefetchers using CacheObserver}},
 year = {2022}
}

@misc{Dierks2008TlsRfc,
 author = {Eric Rescorla and Tim Dierks},
 doi = {10.17487/RFC5246},
 howpublished = {RFC 5246},
 month = {August},
 number = {5246},
 pagetotal = {104},
 series = {Request for Comments},
 title = {{The Transport Layer Security (TLS) Protocol Version 1.2}},
 url = {https://doi.org/10.17487/RFC5246},
 year = {2008}
}

@inproceedings{Dinaburg2008,
 author = {Dinaburg, Artem and Royal, Paul and Sharif, Monirul and Lee, Wenke},
 booktitle = {CCS'08},
 title = {{Ether: malware analysis via hardware virtualization extensions}},
 year = {2008}
}

@inproceedings{Dinaburg2011,
 author = {Dinaburg, Artem},
 booktitle = {BlackHat US Briefings},
 no-url = {http://media.blackhat.com/bh-us-11/Dinaburg/BH_US_11_Dinaburg_Bitsquatting_WP.pdf},
 title = {{Bitsquatting: DNS Hijacking without Exploitation}},
 year = {2011}
}

@inproceedings{Dinesh2020retrowrite,
 author = {Sushant Dinesh and Nathan Burow and Dongyan Xu and Mathias Payer},
 booktitle = {S\&P},
 title = {{RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization}},
 year = {2020}
}

@inproceedings{dinesh2022synthct,
 author = {Dinesh, Sushant and Garrett-Grossman, Grant and Fletcher, Christopher W},
 booktitle = {NDSS},
 title = {Synthct: Towards portable constant-time code},
 year = {2022}
}

@inproceedings{Dinesh2024conjunct,
 author = {Dinesh, Sushant and Parthasarathy, Madhusudan and Fletcher, Christopher W},
 booktitle = {S\&P},
 title = {Conjunct: Learning inductive invariants to prove unbounded instruction safety against microarchitectural timing attacks},
 year = {2024}
}

@inproceedings{Dio2023Copy,
 author = {Andrea Di Dio and Koen Koning and Herbert Bos and Cristiano Giuffrida},
 booktitle = {NDSS},
 title = {{Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks}},
 year = {2023}
}

@article{DiPietro2013,
 author = {{Di Pietro}, Roberto and Lombardi, Flavio and Villani, Antonio},
 journal = {arXiv:1305.7383v1},
 title = {{CUDA Leaks: Information Leakage in GPU Architectures}},
 year = {2013}
}

@inproceedings{Disselkoen2017prime,
 author = {Disselkoen, Craig and Kohlbrenner, David and Porter, Leo and Tullsen, Dean},
 booktitle = {{USENIX Security Symposium}},
 title = {{Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX}},
 year = {2017}
}

@inproceedings{Disselkoen2019code,
 author = {Disselkoen, Craig and Jagadeesan, Radha and Jeffrey, Alan and Riely, James},
 booktitle = {S\&P},
 title = {{The code that never ran: Modeling attacks on speculative evaluation}},
 year = {2019}
}

@misc{Dixon2017,
 author = {Lizzie Dixon},
 title = {{Breaking KASLR with perf}},
 url = {https://blog.lizzie.io/kaslr-and-perf.html},
 year = {2017}
}

@article{Djordjevic2015,
 author = {Djordjević, Borislav and Nemanja Maček and Valentina Timčenko},
 journal = {Acta Polytechnica Hungarica},
 number = {4},
 pages = {147--165},
 title = {{Performance Issues in Cloud Computing: KVM Hypervisor’s Cache Modes Evaluation}},
 volume = {12},
 year = {2015}
}

@inproceedings{Dobraunig2018SIFA,
 author = {Christoph Dobraunig and Maria Eichlseder and Thomas Korak and Stefan Mangard and Florian Mendel and Robert Primas},
 booktitle = {IACR Transactions on Cryptographic Hardware and Embedded Systems},
 title = {{SIFA: Exploiting Ineffective Fault Inductions on Symmetric Cryptography}},
 year = {2018}
}

@misc{Dobrovitski2003,
 author = {Dobrovitski, Igor},
 title = {{Exploit for CVS double free () for linux pserver}},
 year = {2003}
}

@misc{Docker2016,
 author = {Docker},
 title = {What is Docker?},
 url = {https://www.docker.com/what-docker},
 year = {2016}
}

@misc{Docker_AWS,
 author = {Docker},
 title = {Amazon Web Services - Docker},
 url = {https://docs.docker.com/machine/drivers/aws/},
 year = {2016}
}

@misc{Dodd2003,
 author = {James M. Dodd},
 no-note = {US Patent Grant 2006-07-11},
 no-url = {https://encrypted.google.com/patents/US7076617B2},
 number = {US7076617B2},
 title = {Adaptive page management},
 year = {2003}
}

@inproceedings{dodis2004fuzzy,
 author = {Dodis, Yevgeniy and Reyzin, Leonid and Smith, Adam},
 booktitle = {EUROCRYPT},
 title = {Fuzzy extractors: How to generate strong keys from biometrics and other noisy data},
 year = {2004}
}

@inproceedings{Dofferhoff2020Iscanu,
 author = {Dofferhoff, Rens and G{\"o}ebel, Michael and Rietveld, Kristian and Van Der Kouwe, Erik},
 booktitle = {International Conference on Dependable Systems and Networks},
 title = {{IScanU}: A portable scanner for undocumented instructions on risc processors},
 year = {2020}
}

@inproceedings{dofferhoff2020iscanu,
 author = {Dofferhoff, Rens and G{\"o}ebel, Michael and Rietveld, Kristian and Van Der Kouwe, Erik},
 booktitle = {DSN},
 title = {iScanU: A portable scanner for undocumented instructions on RISC processors},
 year = {2020}
}

@misc{DolanMov2013,
 author = {{Stephen Dolan}},
 title = {{mov is Turing-complete}},
 url = {https://drwho.virtadpt.net/files/mov.pdf},
 year = {2013}
}

@inproceedings{Dolstra2010Nixos,
 author = {Dolstra, Eelco and L{\"o}h, Andres and Pierron, Nicolas},
 booktitle = {Journal of Functional Programming},
 title = {NixOS: A purely functional Linux distribution},
 year = {2010}
}

@article{Domas2017,
 author = {Domas, Christopher},
 journal = {Black Hat US},
 title = {{Breaking the x86 ISA}},
 year = {2017}
}

@article{domas2017breaking,
 author = {Domas, Christopher},
 journal = {Black Hat},
 title = {Breaking the x86 ISA},
 year = {2017}
}

@article{Domas2018Hardware,
 author = {Domas, Christopher},
 journal = {Black Hat},
 title = {Hardware backdoors in x86 CPUs},
 year = {2018}
}

@article{Domas2018Shakacon,
 author = {Domas, Christopher},
 journal = {Shakacon},
 title = {{Continuing to Break the x86 Instruction Set}},
 year = {2018}
}

@article{Domas2018undocumented,
 author = {Domas, Christopher},
 journal = {Black Hat US},
 title = {{Hardware Backdoors in x86 CPUs}},
 year = {2018}
}

@misc{DomasMovfuscator2015,
 author = {{Christopher Domas}},
 title = {{M/o/Vfuscator}},
 url = {https://github.com/xoreaxeaxeax/movfuscator},
 year = {2015}
}

@article{Domnitser2011,
 author = {Domnitser, Leonid and Jaleel, Aamer and Loew, Jason and Abu-Ghazaleh, Nael and Ponomarev, Dmitry},
 journal = {ACM Transactions on Architecture and Code Optimization (TACO)},
 number = {4},
 title = {{Non-Monopolizable Caches: Low-Complexity Mitigation of Cache Side Channel Attacks}},
 volume = {8},
 year = {2011}
}

@inproceedings{Dong2018Spectres,
 author = {Dong, Xiaowan and Shen, Zhuojia and Criswell, John and Cox, Alan and Dwarkadas, Sandhya},
 booktitle = {{Workshop on Hardware and Architectural Support for Security and Privacy}},
 title = {{Spectres, virtual ghosts, and hardware support}},
 year = {2018}
}

@inproceedings{Dong2019,
 author = {Dong, Shiquan and Farha, Fadi and Cui, Shan and Ma, Jianhua and Ning, Huansheng},
 booktitle = {{IEEE Cyber Science and Technology Congress (CyberSciTech)}},
 title = {{CPG-FS: A CPU Performance Graph Based Device Fingerprint Scheme for Devices Identification and Authentication}},
 year = {2019}
}

@book{Doraswamy2003,
 author = {Doraswamy, Naganand and Harkins, Dan},
 publisher = {Prentice Hall Professional},
 title = {{IPSec: the new security standard for the Internet, intranets, and virtual private networks}},
 year = {2003}
}

@article{Dos2009axioms,
 author = {Dos Reis, Gabriel and Stroustrup, Bjarne and Merideth, A},
 journal = {ISO/IEC JTC1/WG21 doc},
 title = {Axioms: Semantics aspects of C++ concepts},
 year = {2009}
}

@misc{DOSMS2015,
 author = {{Net Applications.com}},
 month = {February},
 title = {{Desktop Operating System Market Share}},
 url = {http://www.netmarketshare.com/operating-system-market-share.aspx},
 year = {2015}
}

@misc{DOSMS2019,
 author = {{Net Applications.com}},
 month = {August},
 title = {{Desktop Operating System Market Share}},
 url = {http://www.netmarketshare.com/operating-system-market-share.aspx},
 year = {2019}
}

@inproceedings{Doupe2013deDacota,
 author = {Doup\'{e}, Adam and Cui, Weidong and Jakubowski, Mariusz H. and Peinado, Marcus and Kruegel, Christopher and Vigna, Giovanni},
 booktitle = {CCS},
 doi = {10.1145/2508859.2516708},
 keyword = {code and data separation, content security policy, cross-site scripting, csp, xss},
 title = {deDacota: Toward Preventing Server-Side XSS via Automatic Code and Data Separation},
 url = {https://doi.org/10.1145/2508859.2516708},
 year = {2013}
}

@misc{Downs2018ROB,
 author = {Travis Downs},
 title = {{ROB} Size Testing Tool},
 url = {https://github.com/travisdowns/robsize},
 year = {2018}
}

@misc{Downs2019interrupts,
 author = {Travis Downs},
 month = {August},
 title = {Where do interrupts happen?},
 url = {https://travisdowns.github.io/blog/2019/08/20/interrupts.html},
 year = {2019}
}

@article{Dowty2009,
 author = {Dowty, Micah and Sugerman, Jeremy},
 journal = {ACM SIGOPS Operating Systems Review},
 number = {3},
 pages = {73--82},
 title = {{GPU virtualization on VMware's hosted I/O architecture}},
 volume = {43},
 year = {2009}
}

@article{doychev2015cacheaudit,
 author = {Doychev, Goran and K{\"o}pf, Boris and Mauborgne, Laurent and Reineke, Jan},
 journal = {ACM TISSEC},
 title = {Cacheaudit: A tool for the static analysis of cache side channels},
 year = {2015}
}

@article{Doychev2016_______delete,
 author = {Goran Doychev and
Boris K{\"{o}}pf},
 journal = {arXiv:1603\allowbreak .\allowbreak 0\allowbreak 2\allowbreak 1\allowbreak 8\allowbreak 7},
 title = {{Rigorous Analysis of Software Countermeasures against Cache Attacks}},
 year = {2016}
}

@inproceedings{Doychev2017,
 author = {Doychev, Goran and K{\"o}pf, Boris},
 booktitle = {PLDI},
 title = {{Rigorous Analysis of Software Countermeasures against Cache Attacks}},
 year = {2017}
}

@misc{DriverVerifier,
 author = {Microsoft},
 title = {{Power Framework Delay Fuzzing}},
 url = {https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/},
 year = {2017}
}

@misc{Drysdale2014syscall,
 author = {David Drysdale},
 title = {{Anatomy of a system call, part 2}},
 url = {https://lwn.net/Articles/604515/},
 year = {2014}
}

@misc{Drysdale2015elf,
 author = {Drysdale, David},
 month = {February},
 title = {{How programs get run: ELF binaries}},
 url = {https://lwn.net/Articles/631631/},
 year = {2015}
}

@inproceedings{Duato2009,
 author = {Duato, Jos\'{e} and Igual, Francisco D. and Mayo, Rafael and Pe\~{n}a, Antonio J. and Quintana-Ort\'{\i{}}, Enrique S. and Silla, Federico},
 booktitle = {Proceedings of the 2009 international conference on Parallel processing (Euro-Par'09)},
 pages = {385--394},
 title = {{An Efficient Implementation of GPU Virtualization in High Performance Clusters}},
 year = {2009}
}

@inproceedings{Duato2011,
 author = {Duato, Jose and Pena, Antonio J. and Silla, Federico and Mayo, Rafael and Quintana-Orti, Enrique S.},
 booktitle = {Proceedings of the 2011 International Conference on Parallel Processing (ICPP'11)},
 month = {September},
 pages = {365--374},
 publisher = {Ieee},
 title = {{Performance of CUDA Virtualized Remote GPUs in High Performance Clusters}},
 year = {2011}
}

@article{Dubrova2024Solving,
 author = {Dubrova, Elena},
 journal = {Cryptology ePrint Archive},
 title = {Solving AES-SAT Using Side-Channel Hints: A Practical Assessment},
 year = {2024}
}

@inproceedings{duck2020binary,
 author = {Duck, Gregory J and Gao, Xiang and Roychoudhury, Abhik},
 booktitle = {ACM SIGPLAN},
 title = {Binary rewriting without control flow recovery},
 year = {2020}
}

@misc{duckduckgo2024email,
 author = {DuckDuckGo},
 title = {{DuckDuckGo Email Protection}},
 url = {{https://duckduckgo.com/duckduckgo-help-pages/email-protection/what-is-duckduckgo-email-protection/}},
 year = {2024}
}

@inproceedings{Duflot2008,
 author = {Duflot, Lo{\"i}c},
 booktitle = {{ESORICS}},
 title = {{CPU Bugs, CPU Backdoors and Consequences on Security}},
 year = {2008}
}

@misc{DullienSeaborn2015github,
 author = {Mark Seaborn and Thomas Dullien},
 note = {Retrieved on July 27, 2015},
 title = {{Test DRAM for bit flips caused by the rowhammer problem}},
 url = {https://github.com/google/rowhammer-test},
 year = {2015}
}

@inproceedings{Dunn2011,
 author = {Dunn, Alan M and Hofmann, Owen S and Waters, Brent and Witchel, Emmett},
 booktitle = {USENIX Security Symposium},
 title = {{Cloaking Malware with the Trusted Platform Module}},
 year = {2011}
}

@inproceedings{Duran1981,
 author = {Duran, Joe W and Ntafos, Simeon},
 booktitle = {{5th International Conference on Software Engineering}},
 title = {{A report on random testing}},
 year = {1981}
}

@inproceedings{Durumeric2014,
 author = {Durumeric, Zakir and Li, Frank and Kasten, James and Amann, Johanna and Beekman, Jethro and Payer, Mathias and Weaver, Nicolas and Adrian, David and Paxson, Vern and Bailey, Michael and others},
 booktitle = {ACM IMC},
 title = {{The Matter of Heartbleed}},
 year = {2014}
}

@inproceedings{Dutta2019performance,
 author = {Dutta, Swastika and Sinha, Sayan},
 booktitle = {International Conference on Computing Frontiers},
 title = {Performance statistics and learning based detection of exploitative speculative attacks},
 year = {2019}
}

@article{dworkin2001advanced,
 author = {Dworkin, Morris J and Barker, Elaine B and Nechvatal, James R and Foti, James and Bassham, Lawrence E and Roback, E and Dray Jr, James F},
 title = {Advanced encryption standard (AES)},
 year = {2001}
}

@misc{Dygalo2024cssinline,
 author = {Dmitry Dygalo},
 title = {{PyPi - css-inline}},
 url = {{https://pypi.org/project/css-inline/}},
 year = {2024}
}

@misc{Eads2025Zen,
 author = {Josh Eads and Tavis Ormandy and Matteo Rizzo and Kristoffer Janke and Eduardo Vela Nava},
 title = {Zen and the Art of Microcode Hacking},
 url = {https://bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking},
 year = {2025}
}

@inproceedings{Easdon2022Rapid,
 author = {Catherine Easdon and Michael Schwarz and Martin Schwarzl and Daniel Gruss},
 booktitle = {USENIX Security},
 title = {{Rapid Prototyping for Microarchitectural Attacks}},
 year = {2022}
}

@article{Eastlake1999,
 author = {Eastlake, Donald E.},
 title = {{Domain name system security extensions}},
 year = {1999}
}

@inproceedings{Eckersley2010unique,
 author = {Eckersley, Peter},
 booktitle = {{PETS}},
 title = {{How unique is your web browser?}},
 year = {2010}
}

@misc{Eclypsium2018SMM,
 author = {Eclypsium},
 month = {May},
 title = {{System Management Mode Speculative Execution Attacks}},
 url = {https://blog.eclypsium.com/2018/05/17/system-management-mode-speculative-execution-attacks/},
 year = {2018}
}

@misc{Ecma2018spec,
 author = {ecma international},
 title = {{ECMAScript 2018 Language Specification}},
 url = {https://www.ecma-international.org/ecma-262/9.0/index.html},
 year = {2018}
}

@misc{Eddington2008,
 author = {Eddington, M},
 publisher = {CanSecWest},
 title = {{Peach fuzzer}},
 year = {2008}
}

@misc{Eddington_peach,
 author = {Michael Eddington},
 title = {{Peach Fuzzer}},
 url = {https://www.peach.tech/}
}

@article{Eder2016,
 author = {Eder, Kerstin and others},
 journal = {Microprocessors and Microsystems},
 publisher = {Elsevier},
 title = {{ENTRA: Whole-systems energy transparency}},
 volume = {47},
 year = {2016}
}

@misc{Edge2012libseccomp,
 author = {Edge, Jake},
 month = {April},
 title = {{A library for seccomp filters}},
 url = {https://lwn.net/Articles/494252/},
 year = {2012}
}

@misc{Edge2012nonewprivs,
 author = {Edge, Jake},
 month = {January},
 title = {{System call filtering and no\_new\_privs}},
 url = {https://lwn.net/Articles/475678/},
 year = {2012}
}

@misc{Edge2013Kaslr,
 author = {Edge, Jake},
 title = {{Kernel address space layout randomization}},
 url = {https://lwn.net/Articles/569635/},
 year = {2013}
}

@misc{Edge2015seccomp,
 author = {Edge, Jake},
 month = {September},
 title = {{A seccomp overview}},
 url = {https://lwn.net/Articles/656307/},
 year = {2015}
}

@misc{Edge2018,
 author = {Jake Edge},
 publisher = {{LWN}},
 title = {{A look at the handling of Meltdown and Spectre}},
 url = {https://lwn.net/Articles/743363/},
 year = {2018}
}

@misc{Edler1994dinero,
 author = {Edler, Jan},
 title = {Dinero IV: Trace-driven uniprocessor cache simulator},
 url = {http://www.cs.wisc.edu/\~markhill/DineroIV},
 year = {1994}
}

@misc{EFF2011NSAtrojan,
 author = {{Electronic Frontier Foundation}},
 no-url = {https://www.eff.org/deeplinks/2011/04/new-fbi-documents-show-depth-government},
 title = {New {FBI} Documents Provide Details on Government’s Surveillance Spyware},
 year = {2011}
}

@misc{eff2018starttls,
 author = {{Electronic Frontier Foundation (EFF)}},
 title = {{Announcing STARTTLS Everywhere: Securing Hop-to-Hop Email Delivery}},
 url = {https://www.eff.org/deeplinks/2018/06/announcing-starttls-everywhere-securing-hop-hop-email-delivery},
 year = {2018}
}

@inproceedings{Egelman2013markets,
 author = {Egelman, Serge and Herley, Cormac and Van Oorschot, Paul C},
 booktitle = {New Security Paradigms Workshop},
 title = {Markets for zero-day exploits: Ethics and implications},
 year = {2013}
}

@misc{Eickemeyer2006,
 author = {Eickemeyer, R. and Le, H. and Nguyen, D. and Stolt, B. and Thompto, B.},
 note = {US Patent App. 11/016,236},
 number = {US20060149935 A1},
 title = {Load lookahead prefetch for microprocessors},
 url = {https://encrypted.google.com/patents/US20060149935},
 year = {2006}
}

@incollection{Eisenbarth2010,
 author = {Eisenbarth, Thomas and Paar, Christof and Weghenkel, Bj{\"o}rn},
 booktitle = {Transactions on computational science X},
 publisher = {Springer},
 title = {{Building a Side Channel Based Disassembler}},
 year = {2010}
}

@misc{ElasticBlog2018,
 author = {{Elastic Blog}},
 title = {{Detecting Spectre and Meltdown Using Hardware Performance Counters}},
 url = {https://www.elastic.co/blog/detecting-spectre-and-meltdown-using-hardware-performance-counters},
 year = {2018}
}

@inproceedings{ElDefrawy2012,
 author = {{El Defrawy}, Karim and Francillon, Aur\'{e}lien and Perito, Daniele and Tsudik, Gene},
 booktitle = {NDSS'12},
 title = {{Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust}},
 year = {2012}
}

@misc{Electron2023Docs,
 author = {{OpenJS Foundation}},
 title = {Electron Docs},
 url = {https://www.electronjs.org/docs/latest/},
 year = {2023}
}

@article{embleton2013smm,
 author = {Embleton, Shawn and Sparks, Sherri and Zou, Cliff C},
 journal = {Security and Communication Networks},
 number = {12},
 pages = {1590--1605},
 publisher = {Wiley Online Library},
 title = {{SMM rootkit: a new breed of OS independent malware}},
 volume = {6},
 year = {2013}
}

@misc{EmScripten2019FileSystemAPI,
 author = {{emscripten.org}},
 title = {{File System API}},
 url = {https://emscripten.org/docs/api_reference/Filesystem-API.html},
 year = {2019}
}

@inproceedings{Englehardt2016tracking,
 author = {Englehardt, Steven and Narayanan, Arvind},
 booktitle = {{CCS}},
 title = {{Online tracking: A 1-million-site measurement and analysis}},
 year = {2016}
}

@article{englehardt2018never,
 author = {Englehardt, Steven and Han, Jeffrey and Narayanan, Arvind},
 journal = {Proc. Priv. Enhancing Technol.},
 title = {{I never signed up for this! Privacy implications of email tracking.}},
 year = {2018}
}

@inproceedings{Ergun1998spot,
 author = {Erg{\"u}n, Funda and Kannan, Sampath and Kumar, S Ravi and Rubinfeld, Ronitt and Viswanathan, Mahesh},
 booktitle = {ACM Symposium on Theory of Computing},
 title = {Spot-checkers},
 year = {1998}
}

@inproceedings{Erickson2010,
 author = {Erickson, John and Musuvathi, Madanlal and Burckhardt, Sebastian and Olynyk, Kirk},
 booktitle = {OSDI},
 title = {Effective Data-race Detection for the Kernel},
 year = {2010}
}

@article{ermolov2017hack,
 author = {Ermolov, Mark and Goryachy, Maxim},
 journal = {Black Hat Europe},
 title = {{How to hack a turned-off computer, or running unsigned code in intel management engine}},
 year = {2017}
}

@article{Ermolov2017JTAG,
 author = {Ermolov, Mark and Goryachy, Maxim},
 journal = {White Paper},
 title = {{Where There's a JTAG, There's a way: Obtaining full system access via USB}},
 url = {https://www.ptsecurity.com/upload/corporate/ww-en/analytics/Where-theres-a-JTAG-theres-a-way.pdf},
 year = {2017}
}

@article{ermolov2019hack,
 author = {Ermolov, Mark and Goryachy, Maxim},
 journal = {Black Hat Asia},
 title = {{Intel VISA: Through the Rabbit Hole}},
 year = {2019}
}

@article{ernst1997code,
 author = {Ernst, Jens and Evans, William and Fraser, Christopher W and Proebsting, Todd A and Lucco, Steven},
 journal = {ACM SIGPLAN Notices},
 number = {5},
 pages = {358--365},
 publisher = {ACM},
 title = {Code compression},
 volume = {32},
 year = {1997}
}

@inproceedings{Escouteloup2022dome,
 author = {Escouteloup, Mathieu
and Lashermes, Ronan
and Fournier, Jacques
and Lanet, Jean-Louis},
 booktitle = {Smart Card Research and Advanced Applications},
 title = {Under the Dome: Preventing Hardware Timing Information Leakage},
 year = {2022}
}

@misc{Esfahbod2024Text,
 author = {Behdad Esfahbod},
 title = {{State of Text Rendering 2024}},
 url = {https://behdad.org/text2024/},
 year = {2024}
}

@inproceedings{Esiyok2023accountable,
 author = {Esiyok, Ilkan and Berrang, Pascal and Cohn-Gordon, Katriel and K{\"u}nnemann, Robert},
 booktitle = {{{NDSS}}},
 title = {Accountable Javascript Code Delivery},
 year = {2023}
}

@inproceedings{Esser2008,
 author = {Esser, Stefan},
 booktitle = {{Zend Conference}},
 title = {{Lesser known security problems in PHP applications}},
 year = {2008}
}

@inproceedings{Ester1996,
 author = {Ester, Martin and Kriegel, Hans-Peter and Sander, J\"{o}rg and Xu, Xiaowei},
 booktitle = {Proceedings of 2nd International Conference on Knowledge Discovery and Data Mining (KDD'96)},
 title = {A density-based algorithm for discovering clusters in large spatial databases with noise.},
 year = {1996}
}

@misc{evandrofisico2024roundcube,
 author = {evandrofisico},
 title = {{RoundCube ImageProxy Plugin}},
 url = {{https://github.com/evandrofisico/roundcube-imageproxy}},
 year = {2024}
}

@inproceedings{Evtyushkin2015,
 author = {Evtyushkin, Dmitry and Ponomarev, Dmitry and Abu-Ghazaleh, Nael},
 booktitle = {HASP},
 title = {Covert channels through branch predictors: a feasibility study},
 year = {2015}
}

@inproceedings{Evtyushkin2016ASLR,
 author = {Evtyushkin, Dmitry and Ponomarev, Dmitry and Abu-Ghazaleh, Nael},
 booktitle = {MICRO},
 title = {{Jump Over ASLR: Attacking Branch Predictors to Bypass ASLR}},
 year = {2016}
}

@inproceedings{Evtyushkin2016RNG,
 author = {Evtyushkin, Dmitry and Ponomarev, Dmitry},
 booktitle = {CCS},
 title = {Covert Channels Through Random Number Generator: Mechanisms, Capacity Estimation and Mitigations},
 year = {2016}
}

@inproceedings{Evtyushkin2018,
 author = {Evtyushkin, Dmitry and Riley, Ryan and Abu-Ghazaleh, Nael CSE and ECE and Ponomarev, Dmitry},
 booktitle = {ASPLOS},
 title = {{BranchScope: A New Side-Channel Attack on Directional Branch Predictor}},
 year = {2018}
}

@inproceedings{Evtyushkin2021Computing,
 author = {Evtyushkin, Dmitry and Benjamin, Thomas and Elwell, Jesse and Eitel, Jeffrey A and Sapello, Angelo and Ghosh, Abhrajit},
 booktitle = {ASPLOS},
 title = {Computing with time: Microarchitectural weird machines},
 year = {2021}
}

@article{Eyre1993,
 author = {Eyre-Todd, Richard A},
 journal = {ACM Letters on Programming Languages and Systems (LOPLAS)},
 number = {1-4},
 pages = {127--134},
 publisher = {ACM},
 title = {{The detection of dangling references in C++ programs}},
 volume = {2},
 year = {1993}
}

@inproceedings{Fadiheh2019,
 author = {Fadiheh, Mohammad Rahmani and Stoffel, Dominik and Barrett, Clark and Mitra, Subhasish and Kunz, Wolfgang},
 booktitle = {DATE},
 title = {Processor hardware security vulnerabilities and their detection by unique program execution checking},
 year = {2019}
}

@article{fadiheh2022exhaustive,
 author = {Fadiheh, Mohammad Rahmani and Wezel, Alex and M{\"u}ller, Johannes and Bormann, J{\"o}rg and Ray, Sayak and Fung, Jason M and Mitra, Subhasish and Stoffel, Dominik and Kunz, Wolfgang},
 journal = {IEEE Transactions on Computers},
 title = {An exhaustive approach to detecting transient execution side channels in RTL designs of processors},
 year = {2022}
}

@inproceedings{faizkhademi2015fpguard,
 author = {Faiz Khademi, Amin and Zulkernine, Mohammad and Weldemariam, Komminist},
 booktitle = {Data and Applications Security and Privacy XXIX},
 title = {{FPGuard: Detection and prevention of browser fingerprinting}},
 year = {2015}
}

@misc{Falk2019load,
 author = {Brandon Falk},
 title = {{CPU Introspection: Intel Load Port Snooping}},
 url = {https://gamozolabs.github.io/metrology/2019/12/30/load-port-monitor.html},
 year = {2019}
}

@misc{Falk2019mlpds,
 author = {Falk, Brandon},
 title = {{I found MLPDS during writing an L1TF PoC}},
 url = {https://twitter.com/gamozolabs/status/1128793576026955776},
 year = {2019}
}

@misc{Falk2019sushi,
 author = {Brandon Falk},
 title = {{Sushi Roll: A CPU research kernel with minimal noise for cycle-by-cycle microarchitectural introspection}},
 url = {https://gamozolabs.github.io/metrology/2019/08/19/sushi_roll.html},
 year = {2019}
}

@inproceedings{Fang2012predict,
 author = {Fang, Zhen and Zhao, Li and Jiang, Xiaowei and Lu, Shih-lien and Iyer, Ravi and Li, Tong and Lee, Seung Eun},
 booktitle = {{International Symposium on Low Power Electronics and Design}},
 title = {{Reducing L1 caches power by exploiting software semantics}},
 year = {2012}
}

@inproceedings{Fangfei2015LLC,
 author = {Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, Ruby B. Lee},
 booktitle = {IEEE symposium on security and privacy},
 title = {Last-level cache side-channel attacks are practical},
 year = {2015}
}

@article{Farhi2019Malboard,
 author = {Farhi, Nitzan and Nissim, Nir and Elovici, Yuval},
 journal = {Computers \& Security},
 title = {Malboard: A novel user keystroke impersonation attack and trusted detection framework based on side-channel analysis},
 volume = {85},
 year = {2019}
}

@inproceedings{Farley2012,
 author = {Farley, Benjamin and Varadarajan, Venkatanathan and Bowers, Kevin D and Juels, Ari and Ristenpart, Thomas and Swift, Michael M.},
 booktitle = {Proceedings of the 3rd ACM Symposium on Cloud Computing (SOCC'12)},
 title = {{More for Your Money: Exploiting Performance Heterogeneity in Public Clouds}},
 year = {2012}
}

@misc{fasthostsDedicatedRoot,
 author = {fasthosts},
 month = {May},
 title = {High performance dedicated servers},
 url = {https://www.fasthosts.co.uk/dedicated-servers},
 year = {2018}
}

@article{fastspec,
 author = {Tol, M Caner and Yurtseven, Koray and Gulmezoglu, Berk and Sunar, Berk},
 journal = {arXiv preprint arXiv:2006.14147},
 title = {FastSpec: Scalable Generation and Detection of Spectre Gadgets Using Neural Embeddings},
 year = {2020}
}

@inproceedings{faveri2025phantom,
 author = {de Faveri Tron, Alvise and Isemann, Raphael and Ragab, Hany and Giuffrida, Cristiano and von Gleissenthall, Klaus and Bos, Herbert},
 booktitle = {USENIX Security},
 title = {Phantom Trails: Practical Pre-Silicon Discovery of Transient Data Leaks},
 year = {2025}
}

@article{Fei2021Security,
 author = {Fei, Shufan and Yan, Zheng and Ding, Wenxiu and Xie, Haomeng},
 journal = {CSUR},
 title = {Security vulnerabilities of SGX and countermeasures: A survey},
 year = {2021}
}

@inproceedings{Felt2011survey,
 author = {Felt, Adrienne Porter and Finifter, Matthew and Chin, Erika and Hanna, Steve and Wagner, David},
 booktitle = {{Workshop on Security and privacy in smartphones and mobile devices}},
 title = {{A survey of mobile malware in the wild}},
 year = {2011}
}

@inproceedings{Felt2012Android,
 author = {Felt, Adrienne Porter and Ha, Elizabeth and Egelman, Serge and Haney, Ariel and Chin, Erika and Wagner, David},
 booktitle = {{SOUPS}},
 title = {Android permissions: User attention, comprehension, and behavior},
 year = {2012}
}

@inproceedings{Felten2000,
 author = {Felten, Edward W and Schneider, Michael A},
 booktitle = {CCS},
 title = {Timing attacks on web privacy},
 year = {2000}
}

@inproceedings{Felter2015,
 author = {Felter, Wes and Ferreira, Alexandre and Rajamony, Ram and Rubio, Juan},
 booktitle = {International Symposium On Performance Analysis of Systems and Software (ISPASS)},
 title = {An updated performance comparison of virtual machines and linux containers},
 year = {2015}
}

@inproceedings{Feng2004,
 author = {Feng, Henry Hanping and Giffin, Jonathon T and Huang, Yong and Jha, Somesh and Lee, Wenke and Miller, Barton P},
 booktitle = {{S\&P}},
 title = {{Formalizing sensitivity in static analysis for intrusion detection}},
 year = {2004}
}

@inproceedings{Feng2021Penglai,
 author = {Erhu Feng and Xu Lu and Dong Du and Bicheng Yang and Xueqiang Jiang and Yubin Xia and Binyu Zang and Haibo Chen},
 booktitle = {15th USENIX Symposium on Operating Systems Design and Implementation ({OSDI} 21)},
 title = {{Scalable Memory Protection in the {PENGLAI} Enclave}},
 year = {2021}
}

@misc{feo2022sikechannels,
 author = {Luca De Feo and Nadia El Mrabet and Aymeric Genêt and Novak Kaluđerović and Natacha Linard de Guertechin and Simon Pontié and Élise Tasso},
 howpublished = {Cryptology {ePrint} Archive, Paper 2022/054},
 title = {{SIKE} Channels},
 year = {2022}
}

@inproceedings{Ferraiuolo2018,
 author = {Ferraiuolo, Andrew and Zhao, Mark and Myers, Andrew C and Suh, G Edward},
 booktitle = {CCS},
 title = {HyperFlow: A processor architecture for nonmalleable, timing-safe information flow security},
 year = {2018}
}

@inproceedings{Ferri2009,
 author = {Ferri, Cesare and Bahar, Ruth Iris and Loghi, Mirko and Poncino, Massimo},
 booktitle = {{ACM Great Lakes symposium on VLSI}},
 title = {{Energy-optimal synchronization primitives for single-chip multi-processors}},
 year = {2009}
}

@misc{Fetiveau2020ChromeTyperBugs,
 author = {{Fetiveau}},
 title = {{Circumventing Chrome's hardening of typer bugs}},
 url = {https://doar-e.github.io/blog/2019/05/09/circumventing-chromes-hardening-of-typer-bugs/},
 year = {2019}
}

@misc{Ffmpeg2025Ffmpeg7.1.1,
 author = {FFmpeg},
 title = {FFmpeg 7.1.1},
 url = {https://ffmpeg.org/releases/ffmpeg-7.1.1.tar.xz},
 year = {2025}
}

@misc{FGKASLR_v5,
 author = {{Accardi, Kristen Carlson}},
 title = {{Function Granular KASLR}},
 url = {https://patchwork.kernel.org/project/kernel-hardening/list/?series=354389},
 year = {2020}
}

@misc{Fibocom2013AT,
 author = {{Fibocom}},
 title = {{AT Commands User Manual}},
 url = {https://web.archive.org/web/20240616014731/https://www.maritex.com.pl/product/attachment/40451/15b4db6d1a10eada42700f7293353776},
 version = {VR1.0.9},
 year = {2013}
}

@manual{fideduperange,
 author = {Linux},
 month = {December},
 title = {{IOCTL-FIDEDUPERANGE(2) Linux Programmer's Manual}},
 year = {2016}
}

@inproceedings{fifield2015fingerprinting,
 author = {{Fifield, David and Egelman, Serge}},
 booktitle = {FC},
 title = {Fingerprinting web users through font metrics},
 year = {2015}
}

@misc{filereader_api,
 author = {{EmScripten File System API}},
 url = {https://emscripten.org/docs/api_reference/Filesystem-API.html},
 year = {2019}
}

@misc{Fingerprint2024fraud,
 author = {Fingerprint},
 title = {{Detect and Prevent Payment Fraud with Device Intelligence}},
 url = {{https://fingerprint.com/payment-fraud/}},
 year = {2024}
}

@misc{Fingerprint2024nojs,
 author = {Fingerprint},
 title = {{No-JS fingerprinting}},
 url = {{https://noscriptfingerprint.com/}},
 year = {2024}
}

@misc{Fingerprintjs2023Fonts,
 author = {FingerprintJS},
 title = {{Font List for Fingerprinting}},
 url = {{https://github.com/fingerprintjs/fingerprintjs/blob/master/src/sources/fonts.ts}},
 year = {2023}
}

@misc{Fingerprintjs2023github,
 author = {FingerprintJS},
 title = {{FingerprintJS}},
 url = {{https://github.com/fingerprintjs/fingerprintjs}},
 year = {2024}
}

@misc{Fingerprintjs2024casestudies,
 author = {Fingerprint},
 title = {{Case Studies}},
 url = {{https://fingerprint.com/case-studies/}},
 year = {2024}
}

@incollection{fink2014spa,
 author = {Fink, Gil and Flatow, Ido},
 booktitle = {Pro single page application development: Using backbone. js and asp. net},
 title = {Introducing single page applications},
 year = {2014}
}

@inproceedings{fiore2014countering,
 author = {Fiore, Ugo and Castiglione, Aniello and De Santis, Alfredo and Palmieri, Francesco},
 booktitle = {NBiS},
 title = {{Countering browser fingerprinting techniques: Constructing a fake profile with google chrome}},
 year = {2014}
}

@misc{fips203,
 author = {NIST},
 doi = {https://doi.org/10.6028/NIST.FIPS.203},
 title = {{FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard}},
 year = {2024}
}

@misc{Firefox2019fission,
 author = {Mozilla Wiki},
 title = {{Project Fission}},
 url = {https://wiki.mozilla.org/Project_Fission},
 year = {2019}
}

@misc{Firefox2019sandbox,
 author = {Mozilla Wiki},
 month = {December},
 title = {{Security/Sandbox}},
 url = {https://wiki.mozilla.org/Security/Sandbox},
 year = {2019}
}

@misc{Firefox2024Gecko,
 author = {Firefox Source Docs},
 title = {{Gecko}},
 url = {{https://firefox-source-docs.mozilla.org/overview/gecko.html}},
 year = {2024}
}

@misc{Firefox52BatteryAPI,
 author = {{Chris Peterson}},
 title = {{Bug 1313580: Remove web content access to Battery API}},
 url = {https://bugzilla.mozilla.org/show_bug.cgi?id=1313580},
 year = {2016}
}

@misc{firefox_jsapi,
 author = {Developer Mozilla},
 url = {https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_reference},
 year = {2019}
}

@misc{FirefoxSharedArrayBuffer,
 author = {Anne van Kesteren},
 title = {{Safely reviving shared memory}},
 url = {https://hacks.mozilla.org/2020/07/safely-reviving-shared-memory/},
 year = {2020}
}

@misc{Firejail,
 key = {Firejail},
 title = {Firejail Security Sandbox},
 url = {https://firejail.wordpress.com/},
 year = {2018}
}

@misc{firejail2016firejail,
 author = {Firejail},
 title = {{Firejail Security Sandbox}},
 url = {https://firejail.wordpress.com/},
 year = {2016}
}

@article{Fischer1980,
 author = {Fischer, Charles N. and LeBlanc, Richard J.},
 journal = {IEEE Transactions on Software Engineering},
 number = {4},
 pages = {313--319},
 publisher = {IEEE},
 title = {{The implementation of run-time diagnostics in Pascal}},
 year = {1980}
}

@article{Flanagan2010,
 author = {Flanagan, Cormac and Freund, Stephen N.},
 journal = {Commun. ACM},
 title = {FastTrack: Efficient and Precise Dynamic Race Detection},
 year = {2010}
}

@misc{FLAREGithub},
 author = {{IAIK}},
 title = {{FLARE}},
 url = {https://github.com/IAIK/FLARE},
 year = {202o}
}

@inproceedings{fletcher2012secure,
 author = {Fletcher, Christopher W and Dijk, Marten van and Devadas, Srinivas},
 booktitle = {STC},
 title = {A secure processor architecture for encrypted computation on untrusted programs},
 year = {2012}
}

@inproceedings{fletchery2014suppressing,
 author = {Fletchery, Christopher W and Ren, Ling and Yu, Xiangyao and Van Dijk, Marten and Khan, Omer and Devadas, Srinivas},
 booktitle = {HPCA},
 title = {Suppressing the oblivious ram timing channel while making information leakage and program efficiency trade-offs},
 year = {2014}
}

@inproceedings{Flynn1972Some,
 author = {Flynn, Michael J},
 journal = {IEEE transactions on computers},
 title = {Some computer organizations and their effectiveness},
 year = {1972}
}

@article{Fobian2016firefox,
 author = {Fobian, Andreas and Bender, Carl-Benedikt},
 title = {{Firefox 0-day targeting Tor-users}},
 year = {2016}
}

@misc{Fog2015AVXa,
 author = {John D. McCalpin},
 title = {Test results for {Intel}'s {Sandy Bridge} processor},
 url = {http://agner.org/optimize/blog/read.php?i=378#378},
 year = {2015}
}

@misc{Fog2015AVXb,
 author = {Agner Fog},
 title = {Test results for Broadwell and Skylake},
 url = {http://www.agner.org/optimize/blog/read.php?i=415#415},
 year = {2015}
}

@misc{Fog2016,
 author = {Agner Fog},
 title = {The microarchitecture of {Intel}, {AMD} and {VIA} {CPU}s: An optimization guide for assembly programmers and compiler makers},
 year = {2024}
}

@misc{Fogh2015Blog,
 author = {Fogh, Anders},
 title = {Cache side channel attacks},
 url = {http://dreamsofastone.blogspot.co.at/2015/09/cache-side-channel-attacks.html},
 year = {2015}
}

@misc{Fogh2016shotgun,
 author = {Fogh, Anders},
 title = {{Covert Shotgun: automatically finding SMT covert channels}},
 url = {https://cyber.wtf/2016/09/27/covert-shotgun/},
 year = {2016}
}

@inproceedings{Fogh2016using,
 author = {Fogh, Anders and Gruss, Daniel},
 booktitle = {BlackHat USA},
 title = {{Using Undocumented CPU Behavior to See Into Kernel Mode and Break KASLR in the Process}},
 year = {2016}
}

@misc{Fogh2017Speculative,
 author = {Fogh, Anders},
 title = {{Negative Result: Reading Kernel Memory From User Mode}},
 url = {https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/},
 year = {2017}
}

@misc{Fogh2018Behind,
 author = {Anders Fogh},
 title = {{Behind the scenes of a bug collision}},
 url = {https://cyber.wtf/2018/01/05/behind-the-scene-of-a-bug-collision/},
 year = {2018}
}

@inproceedings{Fogh2018blackhat,
 author = {Anders Fogh and Christopher Ertl},
 booktitle = {{BlackHat USA}},
 title = {{Wrangling the Ghost: An Inside Story of Mitigating Speculative Execution Side Channel Vulnerabilities}},
 year = {2018}
}

@misc{Fogh2018retpoline,
 author = {Fogh, Anders},
 title = {{In debt to Retpoline}},
 url = {https://cyber.wtf/2018/02/13/in-debt-to-retpoline/},
 year = {2018}
}

@article{Foltynek2020plagiarism,
 author = {Folt{\`y}nek, Tom{\'a}{\v{s}} and Dlabolov{\'a}, Dita and Anohina-Naumeca, Alla and Raz{\i}, Salim and Kravjar, J{\'u}lius and Kamzola, Laima and Guerrero-Dib, Jean and {\c{C}}elik, {\"O}zg{\"u}r and Weber-Wulff, Debora},
 journal = {International Journal of Educational Technology in Higher Education},
 title = {Testing of support tools for plagiarism detection},
 volume = {17},
 year = {2020}
}

@inproceedings{Forrester2000,
 author = {Forrester, Justin E and Miller, Barton P},
 booktitle = {4th USENIX Windows System Symposium},
 title = {An empirical study of the robustness of Windows NT applications using random testing},
 year = {2000}
}

@inproceedings{Foster2008,
 author = {Foster, Ian and Zhao, Yong and Raicu, Ioan and Lu, Shiyong},
 booktitle = {Proceedings of the Grid Computing Environments Workshop (GCE '08)},
 pages = {1--10},
 title = {{Cloud Computing and Grid Computing 360-Degree Compared}},
 year = {2008}
}

@inproceedings{France2021Hammersim,
 author = {France, Lo{\"\i}c and Bruguier, Florent and Mushtaq, Maria and Novo, David and Benoit, Pascal},
 booktitle = {RSP},
 organization = {IEEE},
 title = {Implementing Rowhammer Memory Corruption in the gem5 Simulator},
 year = {2021}
}

@article{Franklin2007,
 author = {Franklin, Jason and Luk, Mark and McCune, Jonathan M. and Seshadri, Arvind and Perrig, Adrian and van Doorn, Leendert},
 journal = {ACM SIGOPS Operating Systems Review},
 number = {3},
 pages = {83--92},
 title = {{Remote Detection of Virtual Machine Monitors with Fuzzy Benchmarking}},
 volume = {42},
 year = {2007}
}

@book{Fraser1995LCC,
 author = {Fraser, Christopher W and Hanson, David R},
 title = {A retargetable C compiler: design and implementation},
 year = {1995}
}

@inproceedings{Fratantonio2017,
 author = {Fratantonio, Yanick and Qian, Chenxiong and Chung, Simon P and Lee, Wenke},
 booktitle = {{S\&P}},
 title = {{Cloak and dagger: from two permissions to complete control of the UI feedback loop}},
 year = {2017}
}

@techreport{Fratric2012,
 author = {Fratri{\'c}, Ivan},
 institution = {Technical report},
 title = {{ROPGuard: Runtime Prevention of Return-Oriented Programming Attacks}},
 year = {2012}
}

@inproceedings{Friedman1999,
 author = {Friedman, Mark B},
 booktitle = {{Int. CMG Conference}},
 title = {{Windows NT page replacement policies}},
 year = {1999}
}

@inproceedings{Frigo2018rowhammer,
 author = {Frigo, Pietro and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
 booktitle = {S\&{P}},
 title = {Grand {Pwning} {Unit}: {Accelerating} {Microarchitectural} {Attacks} with the {GPU}},
 year = {2018}
}

@inproceedings{Frigo2020TRRespass,
 author = {Frigo, Pietro and Vannacci, Emanuele and Hassan, Hasan and van der Veen, Victor and Mutlu, Onur and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
 booktitle = {S\&{P}},
 title = {{TRRespass}: {Exploiting} the {Many} {Sides} of {Target} {Row} {Refresh}},
 year = {2020}
}

@misc{Frisk2016KASLR,
 author = {Ulf Frisk},
 title = {{Windows 10 KASLR Recovery with TSX}},
 url = {http://blog.frizk.net/2016/11/windows-10-kaslr-recovery-with-tsx.html},
 year = {2016}
}

@misc{FrysingerVdso,
 author = {Mike Frysinger},
 title = {vdso(7) — Linux manual page},
 year = {2024}
}

@inproceedings{Fu1992stride,
 author = {Fu, John W. C. and Patel, Janak H. and Janssens, Bob L.},
 booktitle = {Proceedings of the 25th Annual International Symposium on Microarchitecture},
 month = {December},
 series = {MICRO 25},
 title = {Stride Directed Prefetching in Scalar Processors},
 year = {1992}
}

@inproceedings{fu2017lapd,
 author = {Fu, Yangchun and Bauman, Erick and Quinonez, Raul and Lin, Zhiqiang},
 booktitle = {International Symposium on Research in Attacks, Intrusions, and Defenses},
 organization = {Springer},
 title = {SGX-LAPD: Thwarting Controlled Side Channel Attacks via Enclave Verifiable Page Faults},
 year = {2017}
}

@inproceedings{Fuchs2015,
 author = {Fuchs, Adi and Lee, Ruby B.},
 booktitle = {Proceedings of the 8th ACM International Systems and Storage Conference (SYSTOR'15)},
 title = {{Disruptive Prefetching: Impact on Side-Channel Attacks and Cache Designs}},
 year = {2015}
}

@article{Fuchs2021Developing,
 author = {Fuchs, Franz A and Woodruff, Jonathan and Moore, Simon W and Neumann, Peter G and Watson, Robert NM},
 title = {{Developing a Test Suite for Transient-Execution Attacks on RISC-V and CHERI-RISC-V}},
 year = {2021}
}

@inproceedings{FuchsiaBH2020,
 author = {Matthew Riley},
 booktitle = {{Black Hat Briefings}},
 title = {{A Little Less Speculation, a Little More Action: A Deep Dive into Fuchsia's Mitigations for Specific CPU Side-Channel Attacks}},
 year = {2020}
}

@inproceedings{Fuhr2013fault,
 author = {Fuhr, Thomas and Jaulmes, {\'E}liane and Lomn{\'e}, Victor and Thillard, Adrian},
 booktitle = {FDTC},
 organization = {IEEE},
 title = {Fault attacks on AES with faulty ciphertexts only},
 year = {2013}
}

@inproceedings{Fujii2013a,
 author = {Fujii, Yusuke and Azumi, Takuya and Nishio, Nobuhiko and Kato, Shinpei and Edahiro, Masato},
 booktitle = {Proceedings of the 19th IEEE International Conference on Parallel and Distributed Systems (ICPADS'13)},
 title = {{Data Transfer Matters for GPU Computing}},
 year = {2013}
}

@inproceedings{Fujii2013exploring,
 author = {Fujii, Yusuke and Azumi, Takuya and Nishio, Nobuhiko and Kato, Shinpei},
 booktitle = {Proceedings of the 4th Asia-Pacific Workshop on Systems (APSys '13)},
 pages = {1--6},
 title = {{Exploring microcontrollers in GPUs}},
 year = {2013}
}

@masterthesis{Fusi2017,
 author = {Fusi, Matteo},
 title = {{Information-Leakage Analysis Based on Hardware Performance Counters}},
 year = {2017}
}

@misc{FusionSphere2016,
 author = {Huawei},
 month = {October},
 title = {Huawei Teams with Intel to Accelerate Adoption of Private Cloud Infrastructure for the Enterprise},
 url = {http://www.huawei.com/en/press-events/news/2016/10/Huawei-Intel-Private-Cloud-Infrastructure-Enterprise},
 year = {2017}
}

@inproceedings{Fustos2019,
 author = {Fustos, Jacob and Farshchi, Farzad and Yun, Heechul},
 booktitle = {DAC},
 title = {{SpectreGuard: An Efficient Data-centric Defense Mechanism against Spectre Attacks}},
 year = {2019}
}

@article{Fustos2020,
 author = {Fustos, Jacob and Yun, Heechul},
 journal = {arXiv:2003.12208},
 title = {{SpectreRewind: A Framework for Leaking Secrets to Past Instructions}},
 year = {2020}
}

@article{gallagher2013digital,
 author = {Gallagher, Patrick},
 journal = {Federal Information Processing Standards Publications, volume FIPS},
 pages = {186--3},
 title = {{Digital signature standard (DSS)}},
 year = {2013}
}

@misc{Galowicz2018,
 author = {{Jacek Galowicz}},
 title = {{Cyberus Technology - Meltdown}},
 url = {https://www.cyberus-technology.de/posts/2018-01-03-meltdown.html},
 year = {2018}
}

@misc{GamingOnLinux2023DesktopEnv,
 author = {GamingOnLinux},
 title = {{Desktop Environment Trends}},
 url = {https://www.gamingonlinux.com/users/statistics/#DesktopEnvironment-top},
 year = {2023}
}

@inproceedings{Ganesh2009,
 author = {Ganesh, Vijay and Leek, Tim and Rinard, Martin},
 booktitle = {{31st International Conference on Software Engineering}},
 title = {{Taint-based directed whitebox fuzzing}},
 year = {2009}
}

@inproceedings{Gao2017,
 author = {Gao, Xing and Gu, Zhongshu and Kayaalp, Mehmet and Pendarakis, Dimitrios and Wang, Haining},
 booktitle = {DSN},
 title = {{ContainerLeaks: Emerging Security Threats of Information Leakages in Container Clouds}},
 year = {2017}
}

@inproceedings{Garcia2017constant,
 author = {Cesar Pereida Garc{\'\i}a and Billy Bob Brumley},
 booktitle = {{USENIX} Security Symposium},
 title = {{Constant-Time Callees with Variable-Time Callers}},
 year = {2017}
}

@inproceedings{Garcia2020Certified,
 author = {Garc{\'\i}a, Cesar Pereida and Ul Hassan, Sohaib and Tuveri, Nicola and Gridin, Iaroslav and Aldaya, Alejandro Cabrera and Brumley, Billy Bob},
 booktitle = {USENIX Security Symposium},
 title = {{Certified side channels}},
 year = {2020}
}

@inproceedings{Garetto2003modeling,
 author = {Garetto, Michele and Gong, Weibo and Towsley, Don},
 booktitle = {{IEEE INFOCOM}},
 title = {{Modeling malware spreading dynamics}},
 year = {2003}
}

@inproceedings{Garfinkel2003terra,
 author = {Garfinkel, Tal and Pfaff, Ben and Chow, Jim},
 booktitle = {ACM SIGOPS Operating Systems Review},
 title = {{Terra: A virtual machine-based platform for trusted computing}},
 year = {2003}
}

@inproceedings{garfinkel2003traps,
 author = {Garfinkel, Tal and others},
 booktitle = {NDSS},
 pages = {163--176},
 title = {Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools.},
 volume = {3},
 year = {2003}
}

@inproceedings{garfinkel2004ostia,
 author = {Garfinkel, Tal and Pfaff, Ben and Rosenblum, Mendel and others},
 booktitle = {NDSS},
 title = {Ostia: A Delegating Architecture for Secure System Call Interposition.},
 year = {2004}
}

@inproceedings{Garfinkel2007,
 author = {Garfinkel, Tal and Adams, Keith and Warfield, Andrew and Franklin, Jason},
 booktitle = {Proceedings of the 11th USENIX workshop on Hot topics in Operating Systems (HotOS'07)},
 title = {{Compatibility is Not Transparency: VMM Detection Myths and Realities}},
 year = {2007}
}

@inproceedings{garmany2013prime,
 author = {Garmany, Behrad and M\"{u}ller, Tilo},
 booktitle = {ACSAC},
 title = {PRIME: private RSA infrastructure for memory-less encryption},
 year = {2013}
}

@misc{Garnier2016KASLR,
 author = {Garnier, Thomas},
 month = {August},
 title = {{Kernel memory randomization and trampoline page tables}},
 url = {https://medium.com/@mxatone/kernel-memory-randomization-and-trampoline-page-tables-9f73827270ab},
 year = {2016}
}

@inproceedings{Garrido2009Planning,
 author = {Garrido, Antonio and Arangu, Marlene and Onaindia, Eva},
 booktitle = {Journal of Scheduling},
 title = {A constraint programming formulation for planning: from plan scheduling to plan generation},
 year = {2009}
}

@misc{Gartner2024iphone,
 author = {Gartner},
 title = {{iPhone unit shipments as share of global smartphone shipments from 3rd quarter 2007 to 4th quarter 2023}},
 url = {{https://www.statista.com/statistics/216459/global-market-share-of-apple-iphone/}},
 year = {2024}
}

@inproceedings{gast2023squip,
 author = {Gast, Stefan and Juffinger, Jonas and Schwarzl, Martin and Saileshwar, Gururaj and Kogler, Andreas and Franza, Simone and K{\"o}stl, Markus and Gruss, Daniel},
 booktitle = {S\&P},
 title = {{Squip: Exploiting the scheduler queue contention side channel}},
 year = {2023}
}

@inproceedings{Gast2024javasquip,
 author = {Gast, Stefan and Juffinger, Jonas and Maar, Lukas and Royer, Christoph and Kogler, Andreas and Gruss, Daniel},
 booktitle = {Financial Cryptography and Data Security},
 title = {Remote Scheduler Contention Attacks},
 year = {2024}
}

@inproceedings{Gauthier2011,
 author = {Gauthier, Amaury and Mazin, Cl{\'e}ment and Iguchi-Cartigny, Julien and Lanet, Jean-Louis},
 booktitle = {{Sixth International Conference on Availability, Reliability and Security (ARES)}},
 title = {{Enhancing fuzzing technique for OKL4 syscalls testing}},
 year = {2011}
}

@misc{GC2018throughput,
 author = {Google},
 title = {Egress throughput caps},
 url = {https://cloud.google.com/compute/docs/networks-and-firewalls#egress_throughput_caps},
 year = {2018}
}

@misc{GCC2018retpolinecfi,
 author = {Florian Weimer},
 title = {Retpolines and CFI},
 url = {https://gcc.gnu.org/ml/gcc/2018-01/msg00160.html},
 year = {2018}
}

@misc{gcc2018speculation,
 author = {Earnshaw, Richard},
 title = {{Mitigation against unsafe data speculation (CVE-2017-5753)}},
 year = {2018}
}

@misc{GCC2024gcc14,
 author = {{GCC Team}},
 note = {Retrieved 2024-09-20},
 title = {{GCC 14 Release Series - Changes, New Features, and Fixes}},
 url = {https://gcc.gnu.org/gcc-14/changes.html},
 year = {2024}
}

@inproceedings{Ge2014Sprobes,
 author = {Ge, Xinyang and Vijayakumar, Hayawardh and Jaeger, Trent},
 booktitle = {{Workshop on Mobile Security Technologies (MoST)}},
 title = {{Sprobes: Enforcing kernel code integrity on the trustzone architecture}},
 year = {2014}
}

@article{Ge2016,
 author = {Ge, Qian and Yarom, Yuval and Cock, David and Heiser, Gernot},
 journal = {Journal of Cryptographic Engineering},
 title = {{A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware}},
 year = {2016}
}

@article{Ge2017processor,
 author = {Qian Ge and Yuval Yarom and Frank Li and Gernot Heiser},
 journal = {arXiv:1612.04474v6},
 title = {{Your Processor Leaks Information - and There's Nothing You Can Do About It}},
 year = {2017}
}

@inproceedings{Ge2019adaptimer,
 author = {Ge, Jingquan and Gao, Neng and Tu, Chenyang and Xiang, Ji and Liu, Zeyi},
 booktitle = {Conference on Computer Design (ICCD)},
 title = {AdapTimer: Hardware/Software Collaborative Timer Resistant to Flush-Based Cache Attacks on ARM-FPGA Embedded SoC},
 year = {2019}
}

@inproceedings{geimer2023systematic,
 author = {Geimer, Antoine and Vergnolle, Math{\'e}o and Recoules, Fr{\'e}d{\'e}ric and Daniel, Lesly-Ann and Bardin, S{\'e}bastien and Maurice, Cl{\'e}mentine},
 booktitle = {SIGSAC},
 title = {A Systematic Evaluation of Automated Tools for Side-Channel Vulnerabilities Detection in Cryptographic Libraries},
 year = {2023}
}

@misc{GeizhalsTSX2019,
 author = {{Preisvergleich Internet Services AG}},
 note = {Retrieved 2019-04-22},
 title = {{Intel with Packaging: tray, Listed since: from 2013}},
 url = {https://geizhals.eu/?cat=cpu1151&xf=3362_2013%7E590_tray}
}

@inproceedings{gelernter2015cross,
 author = {Gelernter, Nethanel and Herzberg, Amir},
 booktitle = {{CCS}},
 title = {Cross-Site Search Attacks},
 year = {2015}
}

@article{Gellman2013tor,
 author = {Gellman, Barton and Timberg, Craig and Rich, Steven},
 journal = {The Washington Post},
 pages = {4},
 title = {{Secret NSA documents show campaign against Tor encrypted network}},
 year = {2013}
}

@misc{gem52023m5readme,
 author = {gem5},
 title = {gem5 m5 README},
 url = {https://gem5.googlesource.com/public/gem5/+/master/util/m5/},
 year = {2023}
}

@inproceedings{genkin2015stealing,
 author = {Genkin, Daniel and Pachmanov, Lev and Pipman, Itamar and Tromer, Eran},
 booktitle = {International workshop on cryptographic hardware and embedded systems},
 organization = {Springer},
 pages = {207--228},
 title = {{Stealing keys from PCs using a radio: Cheap electromagnetic attacks on windowed exponentiation}},
 year = {2015}
}

@article{Genkin2017,
 author = {Genkin, Daniel and Shamir, Adi and Tromer, Eran},
 journal = {Journal of Cryptology},
 title = {{Acoustic Cryptanalysis}},
 year = {2017}
}

@inproceedings{Genkin2018drive,
 author = {Genkin, Daniel and Pachmanov, Lev and Tromer, Eran and Yarom, Yuval},
 booktitle = {{ACNS}},
 title = {{Drive-by Key-Extraction Cache Attacks from Portable Code}},
 year = {2018}
}

@inproceedings{GenkinVY17,
 author = {Daniel Genkin and
Luke Valenta and
Yuval Yarom},
 booktitle = {CCS},
 pages = {845--858},
 title = {May the Fourth Be With You: {A} Microarchitectural Side Channel Attack
on Several Real-World Applications of {Curve25519}},
 year = {2017}
}

@inproceedings{Gens2017,
 author = {Gens, David and Arias, Orlando and Sullivan, Dean and Liebchen, Christopher and Jin, Yier and Sadeghi, Ahmad-Reza},
 booktitle = {RAID},
 title = {{LAZARUS: Practical Side-Channel Resilient Kernel-Space Randomization}},
 year = {2017}
}

@inproceedings{gentry2009fully,
 author = {Gentry, Craig and others},
 booktitle = {Stoc},
 number = {2009},
 pages = {169--178},
 title = {{Fully homomorphic encryption using ideal lattices.}},
 volume = {9},
 year = {2009}
}

@article{gerhorst2024mitigating,
 author = {Gerhorst, Luis and Herzog, Henriette and W{\"a}gemann, Peter and Ott, Maximilian and Kapitza, R{\"u}diger and H{\"o}nig, Timo},
 journal = {arXiv e-prints},
 title = {Mitigating Spectre-PHT using Speculation Barriers in Linux BPF},
 year = {2024}
}

@inproceedings{Gerlach2023A,
 author = {Lukas Gerlach and Daniel Weber and Ruiyi Zhang and Michael Schwarz},
 booktitle = {S\&P},
 title = {{A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs}},
 year = {2023}
}

@inproceedings{Gerlach2023Rowhammer,
 author = {Lukas Gerlach and Fabian Thomas and Robert Pietsch and Michael Schwarz},
 booktitle = {ESORICS},
 title = {{A Large-Scale Rowhammer Reproduction Study Using the Blacksmith Fuzzer}},
 year = {2023}
}

@inproceedings{Gerlach2023SecurityRISC,
 author = {Gerlach, Lukas and Weber, Daniel and Zhang, Ruiyi and Schwarz, Michael},
 booktitle = {S\&P},
 title = {{A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs}},
 year = {2023}
}

@inproceedings{Gerlach2024Hash,
 author = {Lukas Gerlach and Simon Schwarz and Nicolas Faroß and Michael Schwarz},
 booktitle = {S\&P},
 title = {{Efficient and Generic Microarchitectural Hash-Function Recovery}},
 year = {2024}
}

@inproceedings{gerlach2025compilers,
 author = {Gerlach, Lukas and Pietsch, Robert and Schwarz, Michael},
 booktitle = {FC},
 title = {Do Compilers Break Constant-time Guarantees?},
 year = {2025}
}

@inproceedings{ghaffarinia2019binary,
 author = {Ghaffarinia, Masoud and Hamlen, Kevin W},
 booktitle = {CCS},
 title = {Binary Control-Flow Trimming},
 year = {2019}
}

@inproceedings{ghaniyoun2021introspectre,
 author = {Ghaniyoun, Moein and Barber, Kristin and Zhang, Yinqian and Teodorescu, Radu},
 booktitle = {ISCA},
 title = {Introspectre: A pre-silicon framework for discovery and analysis of transient execution vulnerabilities},
 year = {2021}
}

@misc{Ghasempour2015,
 author = {Ghasempour, Mohsen and Lujan, Mikel and Garside, Jim},
 title = {{ARMOR: A Run-time Memory Hot-Row Detector}},
 url = {http://apt.cs.manchester.ac.uk/projects/ARMOR/RowHammer},
 year = {2015}
}

@inproceedings{Ghavamnia2020,
 author = {Ghavamnia, Seyedhamed and Palit, Tapti and Mishra, Shachee and Polychronakis, Michalis},
 booktitle = {{USENIX Security Symposium}},
 month = {August},
 title = {{Temporal System Call Specialization for Attack Surface Reduction}},
 year = {2020}
}

@inproceedings{ghavamnia2020confine,
 author = {Ghavamnia, Seyedhamed and Palit, Tapti and Benameur, Azzedine and Polychronakis, Michalis},
 booktitle = {RAID},
 title = {{Confine: Automated system call policy generation for container attack surface reduction}},
 year = {2020}
}

@article{Ghose2018,
 author = {Ghose, Saugata and Yaglik\c{c}i, Abdullah Giray and Gupta, Raghav and Lee, Donghyuk and Kudrolli, Kais and Liu, William X. and Hassan, Hasan and Chang, Kevin K. and Chatterjee, Niladrish and Agrawal, Aditya and O'Connor, Mike and Mutlu, Onur},
 journal = {Proceedings of the ACM on Measurement and Analysis of Computing Systems},
 number = {3},
 publisher = {ACM},
 title = {{What Your DRAM Power Models Are Not Telling You: Lessons from a Detailed Experimental Study}},
 volume = {2},
 year = {2018}
}

@article{giechaskiel2019leakier,
 author = {Giechaskiel, Ilias and Eguro, Ken and Rasmussen, Kasper B},
 journal = {ACM Transactions on Reconfigurable Technology and Systems (TRETS)},
 number = {3},
 pages = {11},
 publisher = {ACM},
 title = {Leakier Wires: Exploiting FPGA Long Wires for Covert-and Side-channel Attacks},
 volume = {12},
 year = {2019}
}

@inproceedings{Gilger2012,
 author = {Gilger, Johannes and Barnickel, Johannes and Meyer, Ulrike},
 booktitle = {Proceedings of the 15th international conference on Information Security (ISC'12)},
 pages = {338--353},
 title = {{GPU-Acceleration of Block Ciphers in the OpenSSL Cryptographic Library}},
 year = {2012}
}

@inproceedings{Giner2022lvi,
 author = {Lukas Giner and Andread Kogler and Claudio Alberto Canella and Michael Schwarz and Daniel Gruss},
 booktitle = {{USENIX Security Symposium}},
 title = {Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX},
 year = {2022}
}

@inproceedings{Giner2025Cohere,
 author = {Giner, Lukas and Neela, Sudheendra Raghav and Gruss, Daniel},
 booktitle = {DIMVA},
 title = {{Cohere+Reload: Re-enabling High-Resolution Cache Attacks on AMD SEV-SNP}},
 urlpaper = {https://ginerlukas.com/publications/papers/CohereReload.pdf},
 year = {2025}
}

@inproceedings{Gionta2016diversification,
 author = {Gionta, Jason and Enck, William and Larsen, Per},
 booktitle = {Communications and Network Security (CNS)},
 title = {Preventing kernel code-reuse attacks through disclosure resistant code diversification},
 year = {2016}
}

@inproceedings{gionta2016preventing,
 author = {Gionta, Jason and Enck, William and Larsen, Per},
 booktitle = {IEEE CNS},
 title = {Preventing kernel code-reuse attacks through disclosure resistant code diversification},
 year = {2016}
}

@inproceedings{giraud2004survey,
 author = {Giraud, Christophe and Thiebeauld, Hugues},
 booktitle = {CARDIS},
 title = {{A survey on fault attacks}},
 year = {2004}
}

@misc{github,
 author = {GitHub Inc.},
 title = {GitHub},
 url = {https://github.com},
 year = {2018}
}

@misc{gitlab_website,
 author = {GitLab Inc.},
 title = {GitLab},
 url = {https://gitlab.com},
 year = {2018}
}

@misc{gitlabAPI,
 author = {GitLab Inc.},
 title = {GitLab Documentation: List SSH keys},
 url = {https://docs.gitlab.com/ee/api/users.html#list-ssh-keys},
 year = {2018}
}

@inproceedings{Giunta2010,
 author = {Giunta, Giulio and Montella, Raffaele and Agrillo, Giuseppe and Coviello, Giuseppe},
 booktitle = {Proceedings of the 16th international conference on Parallel processing (Euro-Par'10)},
 pages = {379--391},
 title = {{A GPGPU Transparent Virtualization Component for High Performance Computing Clouds}},
 year = {2010}
}

@inproceedings{Gjerdrum2017,
 author = {Gjerdrum, Anders T and Pettersen, Robert and Johansen, H{\aa}vard D and Johansen, Dag},
 booktitle = {International Conference on Cloud Computing and Services Science},
 title = {Performance of trusted computing in cloud infrastructures with intel sgx},
 year = {2017}
}

@inproceedings{Gleixner2019kernel,
 author = {Thomas Gleixner},
 booktitle = {{Kernel Recipes}},
 title = {Kernel hacking behind closed doors},
 year = {2019}
}

@misc{Glew1995memtype,
 author = {Glew, Andrew F and Hinton, Glenn J},
 note = {European Patent Office EP0783735A4},
 publisher = {Google Patents},
 title = {{Method and apparatus for processing memory-type information within a microprocessor}},
 year = {1995}
}

@misc{glew1997method,
 author = {Glew, Andy and Hinton, Glenn and Akkary, Haitham},
 note = {US Patent 5,680,565},
 publisher = {Google Patents},
 title = {{Method and apparatus for performing page table walks in a microprocessor capable of processing speculative instructions}},
 year = {1997}
}

@misc{Globotron2023Armadillo,
 author = {Globotron},
 title = {{Armadillo Hardware Firewall USB 2.0}},
 url = {https://globotron.nz/products/armadillo-hardware-usb-firewall},
 year = {2023}
}

@misc{Globotron2023USG,
 author = {Globotron},
 title = {{USG v1.0 Hardware Firewall}},
 url = {https://globotron.nz/products/usg-v1-0-hardware-usb-firewall},
 year = {2023}
}

@misc{Gochman2003TheIP,
 author = {Simcha Gochman and Ronny Ronen and Ittai Anati and Ariel Berkovits and Tsvika Kurts and Alon Naveh and Amer Saeed and Zeev Sperber and Raymond D. Valentine},
 title = {The Intel Pentium M Processor: Microarchitecture and Performance},
 url = {https://api.semanticscholar.org/CorpusID:51799543},
 year = {2003}
}

@inproceedings{Godefroid2005,
 author = {Godefroid, Patrice and Klarlund, Nils and Sen, Koushik},
 booktitle = {{ACM Sigplan Notices}},
 number = {6},
 pages = {213--223},
 title = {{DART: directed automated random testing}},
 volume = {40},
 year = {2005}
}

@inproceedings{Godefroid2007,
 author = {Godefroid, Patrice},
 booktitle = {{2nd International Workshop on Random Testing}},
 title = {{Random testing for security: blackbox vs. whitebox fuzzing}},
 year = {2007}
}

@inproceedings{Godefroid2008,
 author = {Godefroid, Patrice and Kiezun, Adam and Levin, Michael Y},
 booktitle = {{ACM Sigplan Notices}},
 number = {6},
 pages = {206--215},
 title = {{Grammar-based whitebox fuzzing}},
 volume = {43},
 year = {2008}
}

@article{Godefroid2012,
 author = {Godefroid, Patrice and Levin, Michael Y and Molnar, David},
 journal = {Queue},
 number = {1},
 pages = {20},
 publisher = {ACM},
 title = {{SAGE: whitebox fuzzing for security testing}},
 volume = {10},
 year = {2012}
}

@article{godefroid2012automated,
 author = {Godefroid, Patrice and Taly, Ankur},
 journal = {ACM SIGPLAN Notices},
 title = {Automated synthesis of symbolic instruction encodings from I/O samples},
 year = {2012}
}

@article{Godfrey2014,
 author = {Godfrey, Michael Misiu and Zulkernine, Mohammad},
 journal = {{IEEE} Transactions on Cloud Computing},
 title = {Preventing Cache-Based Side-Channel Attacks in a Cloud Environment},
 year = {2014}
}

@misc{Godson2016Manual3A2000,
 author = {Loongson Zhongke Technology Co., Ltd.},
 title = {Godson 3A2000 / 3B2000 Processor User Manual - Volume II, GS464E processor core V1.03},
 url = {https://mirrors.qlu.edu.cn/loongson/docs/3A2000/3A2000_p2.pdf},
 year = {2016}
}

@inproceedings{Goel2014,
 author = {Goel, Bhavishya and Titos-Gil, Ruben and Negi, Anurag and McKee, Sally A and Stenstrom, Per},
 booktitle = {{IEEE IPDPS}},
 title = {{Performance and energy analysis of the restricted transactional memory implementation on haswell}},
 year = {2014}
}

@inproceedings{gofetch,
 author = {Boru Chen and Yingchen Wang and Pradyumna Shome and Christopher W. Fletcher and David Kohlbrenner and Riccardo Paccagnella and Daniel Genkin},
 booktitle = {{USENIX Security}},
 title = {GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers},
 year = {2024}
}

@inproceedings{Goktas2014COP,
 author = {Enes G{\"{o}}ktas and
Elias Athanasopoulos and
Herbert Bos and
Georgios Portokalidis},
 booktitle = {{S\&P}},
 title = {Out of Control: Overcoming Control-Flow Integrity},
 year = {2014}
}

@article{Goktas2016Bypassing,
 author = {Goktas, EK and Oikonomopoulos, A and Gawlik, Robert and Kollenda, Benjamin and Athanasopoulos, I and Giuffrida, C and Portokalidis, G and Bos, HJ},
 journal = {BlackHat Europe},
 title = {{Bypassing Clang's SafeStack for Fun and Profit}},
 year = {2016}
}

@inproceedings{Goktas2016info,
 author = {Enes G{\"o}kta{\c s} and Robert Gawlik and Benjamin Kollenda and Elias Athanasopoulos and Georgios Portokalidis and Cristiano Giuffrida and Herbert Bos},
 booktitle = {{USENIX Security Symposium}},
 title = {{Undermining Information Hiding (and What to Do about It)}},
 year = {2016}
}

@inproceedings{Goktas2020blind,
 author = {G\"{o}kta\c{s}, Enes and Razavi, Kaveh and Portokalidis, Georgios and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {{CCS}},
 title = {{Speculative Probing: Hacking Blind in the Spectre Era}},
 year = {2020}
}

@inproceedings{Goktas2020blindside,
 author = {Goktas, Enes and Razavi, Kaveh and Portokalidis, Georgios and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {{CCS}},
 title = {Speculative {Probing}: {Hacking} {Blind} in the {Spectre} {Era}},
 year = {2020}
}

@inproceedings{Goldberg1996secure,
 author = {Goldberg, Ian and Wagner, David and Thomas, Randi and Brewer, Eric A and others},
 booktitle = {USENIX Security Symposium},
 title = {A secure environment for untrusted helper applications: Confining the wily hacker},
 year = {1996}
}

@article{Goldreich1996oram,
 author = {Goldreich, Oded and Rafail, Ostrovsky},
 journal = {JACM},
 title = {Software protection and simulation on oblivious RAMs.},
 year = {1996}
}

@article{Goldwasser2012,
 author = {Goldwasser, Shafi and Rothblum, Guy N.},
 journal = {Electronic Colloquium on Computational Complexity (ECCC)},
 month = {10},
 number = {10},
 pages = {31--40},
 publisher = {Ieee},
 title = {{How to Compute in the Presence of Leakage}},
 volume = {19},
 year = {2012}
}

@inproceedings{Golic2002,
 author = {Goli{\'c}, Jovan D and Tymen, Christophe},
 booktitle = {CHES},
 title = {{Multiplicative Masking and Power Analysis of AES}},
 year = {2002}
}

@inproceedings{Gonzalez2019,
 author = {Abraham Gonzalez and Ben Korpan and Jerry Zhao and Ed Younis and Krste Asanovi{\'c}},
 booktitle = {{Third Workshop on Computer Architecture Research with RISC-V (CARRV)}},
 title = {{Replicating and Mitigating Spectre Attacks on a Open Source RISC-V Microarchitecture}},
 year = {2019}
}

@inproceedings{gonzalez2019replicating,
 author = {Gonzalez, Abraham and Korpan, Ben and Zhao, Jerry and Younis, Ed and Asanovic, K},
 booktitle = {{Third Workshop on Computer Architecture Research with RISC-V}},
 title = {Replicating and mitigating spectre attacks on an open source risc-v microarchitecture},
 year = {2019}
}

@article{Gonzalez2021artificial,
 author = {Gonz{\'a}lez-Calatayud, V{\'\i}ctor and Prendes-Espinosa, Paz and Roig-Vila, Rosabel},
 journal = {Applied sciences},
 number = {12},
 title = {Artificial intelligence for student assessment: A systematic review},
 volume = {11},
 year = {2021}
}

@misc{Goodin2010,
 author = {Goodin, Dan},
 publisher = {The Register},
 title = {{'Super-secret' debugger discovered in AMD CPUs}},
 url = {https://www.theregister.co.uk/2010/11/15/amd_secret_debugger/},
 year = {2010}
}

@misc{Goodwin2015OCSP,
 author = {{Mark Goodwin}},
 title = {{Improving Revocation: OCSP Must-Staple and Short-lived Certificates}},
 url = {https://blog.mozilla.org/security/2015/11/23/improving-revocation-ocsp-must-staple-and-short-lived-certificates/},
 year = {2015}
}

@misc{Google2015HeapGrooming,
 author = {{Google Project Zero}},
 title = {What is a "good" memory corruption vulnerability?},
 url = {https://googleprojectzero.blogspot.com/2015/06/what-is-good-memory-corruption.html},
 year = {2015}
}

@misc{Google2019BigInt,
 author = {{V8 team}},
 title = {{v8 - Adding BigInts to V8}},
 url = {https://v8.dev/blog/bigint},
 year = {2018}
}

@misc{Google2019safeside,
 author = {Google},
 title = {{SafeSide: Understand and mitigate software-observable side-chan\-nels}},
 url = {https://github.com/google/safeside},
 year = {2019}
}

@misc{Google2019sandbox2,
 author = {Google Inc.},
 title = {{Sandbox2}},
 url = {https://developers.google.com/sandboxed-api/docs/sandbox2/overview},
 year = {2019}
}

@misc{Google2019Spectre,
 author = {Google},
 title = {{A year with Spectre: a V8 perspective}},
 url = {https://v8.dev/blog/spectre},
 year = {2019}
}

@misc{Google2019useractivation,
 author = {{Google Chrome Developers}},
 title = {Making user activation consistent across APIs},
 url = {https://developer.chrome.com/blog/user-activation/},
 year = {2019}
}

@misc{Google2022ChromeOs,
 author = {{Google}},
 title = {Meet ChromeOS},
 url = {https://www.google.com/chromebook/chrome-os/},
 year = {2022}
}

@misc{Google2022topics,
 author = {Google},
 title = {{Topics API overview}},
 url = {{https://developers.google.com/privacy-sandbox/relevance/topics}},
 year = {2022}
}

@misc{google2023confvm,
 organization = {Google Cloud},
 title = {{Confidential VM documentation}},
 url = {https://cloud.google.com/compute/confidential-vm/docs},
 year = {2023}
}

@misc{Google2023cookiedeprecate,
 author = {Google},
 title = {{Third-party cookie deprecation}},
 url = {{https://developers.google.com/privacy-sandbox/3pcd}},
 year = {2023}
}

@misc{Google2023tracking,
 author = {Google},
 title = {{Third-party cookie deprecation}},
 url = {{https://blog.google/products/chrome/privacy-sandbox-tracking-protection/}},
 year = {2023}
}

@misc{google2024Msrscan,
 author = {Google},
 title = {MSRSCAN},
 url = {https://github.com/google/security-research/tree/master/pocs/cpus/misc/msrscan},
 year = {2024}
}

@misc{Google2024MV3,
 author = {{Google Developers}},
 title = {{Migrate to Manifest V3}},
 url = {https://developer.chrome.com/docs/extensions/develop/migrate},
 year = {2024}
}

@online{Google2025EntrySign,
 author = {Josh Eads and Tavis Ormandy and Matteo Rizzo and Kristoffer Janke and Eduardo Vela Nava},
 title = {{Zen and the Art of Microcode Hacking}},
 year = {2025}
}

@misc{google2025playstore,
 author = {Google},
 title = {{Google Play Store}},
 url = {{https://play.google.com/}},
 year = {2025}
}

@misc{GoogleFonts2025Glyph,
 author = {{Google Fonts}},
 title = {{Glossary - Glyph}},
 url = {https://fonts.google.com/knowledge/glossary/glyph},
 year = {2025}
}

@misc{GoogleFonts2025Hinting,
 author = {{Google Fonts}},
 title = {{Glossary - Hinting}},
 url = {https://fonts.google.com/knowledge/glossary/hinting},
 year = {2025}
}

@misc{GoogleFonts2025System,
 author = {{Google Fonts}},
 title = {{Glossary - System font, or web-safe font}},
 url = {https://fonts.google.com/knowledge/glossary/system_font_web_safe_font},
 year = {2025}
}

@misc{GoogleProjectZero2025BrokenType,
 author = {{Google Project Zero}},
 title = {{BrokenType}},
 url = {https://github.com/googleprojectzero/BrokenType},
 year = {2025}
}

@misc{GoogleV8Blog2019,
 author = {{V8 team}},
 title = {{v8 - Documentation}},
 url = {https://v8.dev/docs},
 year = {2019}
}

@misc{googlevtpm,
 author = {{Google}},
 title = {{Shielded VM}},
 url = {https://cloud.google.com/security/shielded-cloud/shielded-vm#vtpm},
 year = {2019}
}

@article{Goonatilake2012Latency,
 author = {Goonatilake, Rohitha and Bachnak, Rafic A},
 journal = {Network and Communication Technologies},
 number = {2},
 pages = {1},
 title = {{Modeling latency in a network distribution}},
 volume = {1},
 year = {2012}
}

@article{Gopal2009scatter,
 author = {Gopal, Vinodh and Guilford, James and Ozturk, Erdinc and Feghali, Wajdi and Wolrich, Gil and Dixon, Martin},
 journal = {Embedded Systems and Communications Security},
 title = {{Fast and Constant-Time Implementation of Modular Exponentiation}},
 year = {2009}
}

@article{Gordon1995rapid,
 author = {V. Scott Gordon and James M. Bieman},
 journal = {IEEE Software},
 number = {1},
 title = {{Rapid prototyping: lessons learned}},
 volume = {12},
 year = {1995}
}

@book{Gorman2004,
 author = {Gorman, Mel},
 publisher = {Prentice Hall Upper Saddle River},
 title = {{Understanding the Linux virtual memory manager}},
 year = {2004}
}

@inproceedings{Gotzfried2017,
 author = {G{\"o}tzfried, Johannes and Eckert, Moritz and Schinzel, Sebastian and M{\"u}ller, Tilo},
 booktitle = {{EuroSec}},
 title = {{Cache Attacks on Intel SGX}},
 year = {2017}
}

@inproceedings{Goubin1999,
 author = {Goubin, Louis and Patarin, Jacques},
 booktitle = {International Workshop on Cryptographic Hardware and Embedded Systems},
 title = {{DES and Differential Power Analysis: The “Duplication” Method}},
 year = {1999}
}

@inproceedings{goubin2002refined,
 author = {Goubin, Louis},
 booktitle = {PCK},
 title = {A refined power-analysis attack on elliptic curve cryptosystems},
 year = {2002}
}

@book{Gough2015,
 author = {Gough, Corey and Steiner, Ian and Saunders, Winston},
 publisher = {Apress},
 title = {{Energy Efficient Servers}},
 year = {2015}
}

@misc{Grant2018Building,
 author = {{Grant, Reilly}},
 title = {{Building a device for WebUSB}},
 url = {https://developer.chrome.com/articles/build-for-webusb/},
 year = {2018}
}

@inproceedings{Gras2017,
 author = {Gras, Ben and Razavi, Kaveh and Bosman, Erik and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {{NDSS}},
 title = {{ASLR on the Line: Practical Cache Attacks on the MMU}},
 year = {2017}
}

@inproceedings{Gras2017aslr,
 author = {Gras, Ben and Razavi, Kaveh},
 booktitle = {{NDSS}},
 title = {{ASLR on the Line: Practical Cache Attacks on the MMU.}},
 year = {2017}
}

@inproceedings{Gras2018,
 author = {Gras, Ben and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {{USENIX} Security Symposium},
 title = {{Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks}},
 year = {2018}
}

@inproceedings{Gras2020,
 author = {Gras, Ben and Giuffrida, Cristiano and Kurth, Michael and Bos, Herbert and Razavi, Kaveh},
 booktitle = {{NDSS}},
 title = {{ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures}},
 year = {2020}
}

@inproceedings{Grayson2020,
 author = {Brian Grayson and Jeff Rupley and Gerald Zuraski Jr. and Eric Quinnell and Daniel A. Jim{\'e}nez and Tarun Nakra and Paul Kitchin and Ryan Hensley and Edward Brekelbaum and Vikas Sinha and Ankit Ghiya},
 booktitle = {{ISCA}},
 title = {{Evolution of the Samsung Exynos CPU Microarchitecture}},
 year = {2020}
}

@inproceedings{Green2017autolock,
 author = {Green, Marc and Rodrigues-Lima, Leandro and Zankl, Andreas and Irazoqui, Gorka and Heyszl, Johann and Eisenbarth, Thomas},
 booktitle = {USENIX Security Symposium},
 title = {{AutoLock: Why Cache Attacks on ARM Are Harder Than You Think}},
 year = {2017}
}

@misc{Gregg2018kpti,
 author = {Gregg, Brendan},
 title = {{KPTI/KAISER Meltdown Initial Performance Regressions}},
 year = {2018}
}

@misc{Gregvish2018L1tf,
 author = {Gregory Vish},
 title = {{l1tf-poc}},
 url = {https://github.com/gregvish/l1tf-poc},
 year = {2018}
}

@inproceedings{Grevet2014,
 author = {Grevet, Catherine and Choi, David and Kumar, Debra and Gilbert, Eric},
 booktitle = {{Proceedings of the SIGCHI Conference on Human Factors in Computing Systems}},
 title = {{Overload is overloaded: email in the age of Gmail}},
 year = {2014}
}

@inproceedings{Grimsdal2019,
 author = {Grimsdal, Gunnar and Lundgren, Patrik and Vestlund, Christian and Boeira, Felipe and Asplund, Mikael},
 booktitle = {Nordic Conference on Secure IT Systems},
 title = {Can Microkernels Mitigate Microarchitectural Attacks?},
 year = {2019}
}

@article{Gropp1996,
 author = {Gropp, William and Lusk, Ewing and Doss, Nathan and Skjellum, Anthony},
 journal = {Parallel computing},
 title = {A high-performance, portable implementation of the MPI message passing interface standard},
 year = {1996}
}

@online{Gross2017firefox,
 author = {Samuel Groß},
 title = {Exploiting a Cross-mmap Overflow in Firefox},
 url = {https://saelo.github.io/posts/firefox-script-loader-overflow.html},
 year = {2017}
}

@misc{Grsecurity2018Respectre,
 author = {{Open Source Security Inc}},
 title = {Respectre{$\texttrademark$}: The State of the Art in Spectre Defenses},
 year = {2018}
}

@inproceedings{Gruber2014OverheadPMC,
 author = {Gruber, Thomas and Eitzinger, Jan and Hager, Georg and Wellein, Gerhard},
 doi = {10.1109/ICPPW.2014.34},
 month = {09},
 pages = {},
 title = {Overhead Analysis of Performance Counter Measurements},
 year = {2014}
}

@inproceedings{Grund2010PLRU,
 author = {Grund, Daniel and Reineke, Jan},
 booktitle = {WCET},
 title = {Toward precise PLRU cache analysis},
 year = {2010}
}

@inproceedings{Gruss2015dedup,
 author = {Gruss, Daniel and Bidner, David and Mangard, Stefan},
 booktitle = {{ESORICS}},
 title = {{Practical Memory Deduplication Attacks in Sandboxed JavaScript}},
 year = {2015}
}

@inproceedings{Gruss2015Template,
 author = {Daniel Gruss and Raphael Spreitzer and Stefan Mangard},
 booktitle = {USENIX Security Symposium},
 title = {{Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches}},
 year = {2015}
}

@inproceedings{Gruss2016CCS,
 author = {Daniel Gruss and Cl\'{e}mentine Maurice and Anders Fogh and Moritz Lipp and Stefan Mangard},
 booktitle = {{CCS'16}},
 title = {{Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR}},
 year = {2016}
}

@inproceedings{Gruss2016Flush,
 author = {Daniel Gruss and Cl\'{e}mentine Maurice and Klaus Wagner and Stefan Mangard},
 booktitle = {DIMVA},
 title = {{Flush+Flush: A Fast and Stealthy Cache Attack}},
 year = {2016}
}

@inproceedings{Gruss2016Prefetch,
 author = {Gruss, Daniel and Maurice, Cl\'{e}mentine and Fogh, Anders and Lipp, Moritz and Mangard, Stefan},
 booktitle = {CCS},
 title = {{Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR}},
 year = {2016}
}

@inproceedings{Gruss2016Row,
 author = {Daniel Gruss and Cl\'{e}mentine Maurice and Stefan Mangard},
 booktitle = {DIMVA},
 title = {{Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript}},
 year = {2016}
}

@inproceedings{Gruss2017Cloak,
 author = {Gruss, Daniel and Schuster, Felix and Ohrimenko, Olya and Haller, Istvan and Lettner, Julian and Costa, Manuel},
 booktitle = {{USENIX Security}},
 title = {{Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory}},
 year = {2017}
}

@inproceedings{Gruss2017KASLR,
 author = {Gruss, Daniel and Lipp, Moritz and Schwarz, Michael and Fellner, Richard and Maurice, Clémentine and Mangard, Stefan},
 booktitle = {{ESSoS}},
 title = {{KASLR is Dead: Long Live KASLR}},
 year = {2017}
}

@phdthesis{Gruss2017PhD,
 author = {Daniel Gruss},
 school = {Graz University of Technology},
 title = {{Software-based Microarchitectural Attacks}},
 year = {2017}
}

@inproceedings{Gruss2017TSX,
 author = {Daniel Gruss and Julian Lettner and Felix Schuster and Olga Ohrimenko and Istvan Haller and Manuel Costa},
 booktitle = {USENIX Security Symposium},
 title = {{Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory}},
 year = {2017}
}

@article{Gruss2018Bluehat,
 author = {Gruss, Daniel and Lipp, Moritz and Schwarz, Michael},
 journal = {Bluehat IL},
 month = {January},
 title = {{Beyond Belief: The Case of Spectre and Meltdown}},
 url = {http://www.bluehatil.com/files/Beyond%20Belief%20-%20The%20Case%20of%20Spectre%20and%20Meltdown.pdf},
 year = {2018}
}

@article{Gruss2018Kernel,
 author = {Daniel Gruss and Dave Hansen and Brendan Gregg},
 journal = {USENIX ;login},
 title = {{Kernel Isolation: From an Academic Idea to an Efficient Patch for Every Computer}},
 year = {2018}
}

@article{Gruss2018MDBlackhat,
 author = {Gruss, Daniel and Schwarz, Michael and Lipp, Moritz},
 journal = {BlackHat USA},
 title = {{Meltdown: Basics, Details, Consequences}},
 year = {2018}
}

@inproceedings{Gruss2018meltdown,
 author = {Gruss, Daniel and Schwarz, Michael and Lipp, Moritz},
 booktitle = {BlackHat USA},
 title = {Meltdown: Basics, Details, Consequences},
 year = {2018}
}

@inproceedings{Gruss2018Rowhammer,
 author = {Gruss, Daniel and Lipp, Moritz and Schwarz, Michael and Genkin, Daniel and Juffinger, Jonas and O'Connell, Sioli and Schoechl, Wolfgang and Yarom, Yuval},
 booktitle = {S\&P},
 title = {{Another Flip in the Wall of Rowhammer Defenses}},
 year = {2018}
}

@inproceedings{Gruss2018useafterfree,
 author = {Gruss, Daniel and Schwarz, Michael and W{\"u}bbeling, Matthias and Guggi, Simon and Malderle, Timo and More, Stefan and Lipp, Moritz},
 booktitle = {AsiaCCS},
 title = {Use-after-freemail: Generalizing the use-after-free problem and applying it to email services},
 year = {2018}
}

@inproceedings{Gruss2019page,
 author = {Gruss, Daniel and Kraft, Erik and Tiwari, Trishita and Schwarz, Michael and Trachtenberg, Ari and Hennessey, Jason and Ionescu, Alex and Fogh, Anders},
 booktitle = {CCS},
 title = {{Page Cache Attacks}},
 year = {2019}
}

@misc{GTKplus2016,
 author = {{The GTK+ Team}},
 title = {GTK+ Features},
 url = {https://www.gtk.org/features.php},
 year = {2016}
}

@inproceedings{guan2014copker,
 author = {Guan, Le and Lin, Jingqiang and Luo, Bo and Jing, Jiwu},
 booktitle = {NDSS},
 title = {Copker: Computing with Private Keys without RAM.},
 year = {2014}
}

@inproceedings{Guan2015,
 author = {Guan, Le and Lin, Jingqiang and Luo, Bo and Jing, Jiwu and Wang, Jing},
 booktitle = {S\&P},
 title = {Protecting private keys against memory disclosure attacks using hardware transactional memory},
 year = {2015}
}

@inproceedings{Guan2016,
 author = {Guan, Chong and Sun, Kun and Wang, Zhan and Zhu, WenTao},
 booktitle = {{ASIACCS'16}},
 title = {{Privacy Breach by Exploiting postMessage in HTML5: Identification, Evaluation, and Countermeasure}},
 year = {2016}
}

@misc{Guardian2013Lavabit,
 author = {{The Guardian}},
 title = {{Lavabit email service abruptly shut down citing government interference}},
 url = {https://www.theguardian.com/technology/2013/aug/08/lavabit-email-shut-down-edward-snowden},
 year = {2013}
}

@article{Guarnieri2018spectector,
 author = {Guarnieri, Marco and K{\"{o}}pf, Boris and Morales, Jos{\'{e}} F. and Reineke, Jan and S{\'{a}}nchez, Andr{\'{e}}s},
 journal = {arXiv:1812.08639},
 title = {{{SPECTECTOR:} Principled Detection of Speculative Information Flows}},
 year = {2018}
}

@inproceedings{Guarnieri2020spectector,
 author = {Guarnieri, Marco and K{\"o}pf, Boris and Morales, Jos{\'e} F and Reineke, Jan and S{\'a}nchez, Andr{\'e}s},
 booktitle = {S\&P},
 title = {{SPECTECTOR: Principled Detection of Speculative Information Flows}},
 year = {2020}
}

@inproceedings{guarnieri2021hardware,
 author = {Guarnieri, Marco and K{\"o}pf, Boris and Reineke, Jan and Vila, Pepe},
 booktitle = {{S\&P}},
 title = {Hardware-software contracts for secure speculation},
 year = {2021}
}

@inproceedings{Guelmezoglu2015,
 author = {Berk G\"{u}lmezo\u{g}lu and Mehmet Sinan Inci and Thomas Eisenbarth and Berk Sunar},
 booktitle = {{COSADE}},
 title = {{A Faster and More Realistic Flush+Reload Attack on AES}},
 year = {2015}
}

@misc{Guermouche2019,
 author = {Guermouche, Amina and Orgerie, Anne-C{\'e}cile},
 title = {Experimental analysis of vectorized instructions impact on energy and power consumption under thermal design power constraints},
 year = {2019}
}

@misc{gueron2010intel,
 author = {Gueron, Shay},
 organization = {Intel},
 title = {{Intel (R) Advanced Encryption Standard (AES) New Instructions Set}},
 year = {2010}
}

@misc{Gueron2012aesni,
 author = {Gueron, Shay},
 publisher = {Intel},
 title = {{Intel Advanced Encryption Standard (Intel AES) Instructions Set -- Rev 3.01}},
 year = {2012}
}

@article{Gueron2012efficient,
 author = {Gueron, Shay},
 journal = {Journal of Cryptographic Engineering},
 number = {1},
 pages = {31--43},
 publisher = {Springer},
 title = {{Efficient Software Implementations of Modular Exponentiation}},
 volume = {2},
 year = {2012}
}

@misc{Gueron2016,
 author = {Shay Gueron},
 howpublished = {ePrint 2016/204},
 title = {A Memory Encryption Engine Suitable for General Purpose Processors},
 year = {2016}
}

@article{gueron2016memory,
 author = {Gueron, Shay},
 journal = {IEEE SP},
 title = {Memory encryption for general-purpose processors},
 year = {2016}
}

@inproceedings{Gulati2010,
 author = {Gulati, Ajay and Merchant, Arif and Varman, Peter},
 booktitle = {OSDI'10},
 title = {{mClock: Handling Throughput Variability for Hypervisor IO Scheduling}},
 year = {2010}
}

@inproceedings{Gullasch2011,
 author = {Gullasch, David and Bangerter, Endre and Krenn, Stephan},
 booktitle = {S\&P},
 title = {{Cache Games -- Bringing Access-Based Cache Attacks on AES to Practice}},
 year = {2011}
}

@article{Gulmezoglu2016cross,
 author = {Gulmezoglu, Berk and Inci, Mehmet Sinan and Irazoqui, Gorka and Eisenbarth, Thomas and Sunar, Berk},
 journal = {IEEE Transactions on Multi-Scale Computing Systems},
 number = {3},
 pages = {211--222},
 title = {Cross-VM cache attacks on AES},
 volume = {2},
 year = {2016}
}

@inproceedings{Gulmezoglu2017cache,
 author = {Gulmezoglu, Berk and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {{AsiaCCS}},
 title = {{Cache-based application detection in the cloud using machine learning}},
 year = {2017}
}

@inproceedings{Gulmezoglu2017perfweb,
 author = {Gulmezoglu, Berk and Zankl, Andreas and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {European Symposium on Research in Computer Security},
 title = {{PerfWeb: How to violate web privacy with hardware performance events}},
 year = {2017}
}

@article{Gulmezoglu2018android,
 author = {G{\"{u}}lmezoglu, Berk and Zankl, Andreas and Tol, Caner and Islam, Saad and Eisenbarth, Thomas and Sunar, Berk},
 journal = {arXiv:1811.11218},
 title = {{Undermining User Privacy on Mobile Devices Using {AI}}},
 year = {2018}
}

@article{Gulmezoglu2019,
 author = {Gulmezoglu, Berk and Moghimi, Ahmad and Eisenbarth, Thomas and Sunar, Berk},
 journal = {arXiv:1907.03651},
 title = {{FortuneTeller: Predicting Microarchitectural Attacks via Unsupervised Deep Learning}},
 year = {2019}
}

@article{gulwani2011synthesis,
 author = {Gulwani, Sumit and Jha, Susmit and Tiwari, Ashish and Venkatesan, Ramarathnam},
 journal = {ACM SIGPLAN Notices},
 title = {Synthesis of loop-free programs},
 year = {2011}
}

@inproceedings{Gulyas2018,
 author = {Gabog Gyorgy Guly{\'a}s and Doli{\`e}re Francis Som{\'e} and Nataliia Bielova and Claude Castelluccia},
 booktitle = {Workshop on Privacy in the Electronic Society},
 title = {To Extend or not to Extend: On the Uniqueness of Browser Extensions and Web Logins},
 year = {2018}
}

@article{Guo2019specusym,
 author = {Guo, Shengjian and Chen, Yueqi and Li, Peng and Cheng, Yueqiang and Wang, Huibo and Wu, Meng and Zuo, Zhiqiang},
 journal = {arXiv:1911.\-00507},
 title = {{SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection}},
 year = {2019}
}

@inproceedings{Guo2020Specusym,
 author = {Guo, Shengjian and Chen, Yueqi and Li, Peng and Cheng, Yueqiang and Wang, Huibo and Wu, Meng and Zuo, Zhiqiang},
 booktitle = {ACM/IEEE International Conference on Software Engineering},
 title = {SpecuSym: Speculative symbolic execution for cache timing leak detection},
 year = {2020}
}

@article{Guo2021adversarial,
 author = {Guo, Yanan and Zigerelli, Andrew and Zhang, Youtao and Yang, Jun},
 journal = {arXiv:2110.12340},
 title = {Adversarial Prefetch: New Cross-Core Cache Side Channel Attacks},
 year = {2021}
}

@inproceedings{Guo2022adversarial,
 author = {Guo, Yanan and Zigerelli, Andrew and Zhang, Youtao and Yang, Jun},
 booktitle = {S\&P},
 title = {Adversarial prefetch: New cross-core cache side channel attacks},
 year = {2022}
}

@inproceedings{Gupta2006,
 author = {Gupta, Diwaker and Cherkasova, Ludmila and Gardner, Rob and Vahdat, Amin},
 booktitle = {Proceedings of the ACM/IFIP/USENIX 2006 International Conference on Middleware},
 pages = {342--362},
 title = {{Enforcing Performance Isolation Across Virtual Machines in Xen}},
 year = {2006}
}

@inproceedings{Gupta2009empirical,
 author = {Gupta, Archit and Kuppili, Pavan and Akella, Aditya and Barford, Paul},
 booktitle = {IEEE Communication Systems and Networks and Workshops (COMSNETS)},
 title = {An empirical study of malware evolution},
 year = {2009}
}

@inproceedings{Gupta2009gvim,
 author = {Gupta, Vishakha and Gavrilovska, Ada and Schwan, Karsten and Kharche, Harshvardhan and Tolia, Niraj and Talwar, Vanish and Ranganathan, Parthasarathy},
 booktitle = {Proceedings of the 3rd ACM Workshop on System-level Virtualization for High Performance Computing (HPCVirt'09)},
 pages = {17--24},
 title = {{GViM: GPU-accelerated Virtual Machines}},
 year = {2009}
}

@inproceedings{Guri2014airhopper,
 author = {Guri, Mordechai and Kedma, Gabi and Kachlon, Assaf and Elovici, Yuval},
 booktitle = {{MALWARE}},
 title = {{AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies}},
 year = {2014}
}

@inproceedings{Guri2015bitwhisper,
 author = {Guri, Mordechai and Monitz, Matan and Mirski, Yisroel and Elovici, Yuval},
 booktitle = {{IEEE CSF}},
 title = {{Bitwhisper: Covert signaling channel between air-gapped computers using thermal manipulations}},
 year = {2015}
}

@article{Guri2018,
 author = {Guri, Mordechai and Zadov, Boris and Bykhovsky, Dima and Elovici, Yuval},
 journal = {arXiv:1804.04014},
 title = {{PowerHammer: Exfiltrating Data from Air-Gapped Computers Through Power Lines}},
 year = {2018}
}

@inproceedings{Gyselinck2018,
 author = {Gyselinck, Jago and Van Bulck, Jo and Piessens, Frank and Strackx, Raoul},
 booktitle = {{ESSoS}},
 title = {{Off-limits: Abusing legacy x86 memory segmentation to spy on enclaved execution}},
 year = {2018}
}

@article{Haas2021itimed,
 author = {Haas, Gregor and Potluri, Seetal and Aysu, Aydin},
 journal = {Cryptology ePrint Archive},
 title = {iTimed: Cache attacks on the apple a10 fusion SoC},
 year = {2021}
}

@article{haaswijk2019sat,
 author = {Haaswijk, Winston and Soeken, Mathias and Mishchenko, Alan and De Micheli, Giovanni},
 journal = {IEEE TCAD},
 title = {SAT-based exact synthesis: Encodings, topology families, and parallelism},
 year = {2019}
}

@misc{HackSynth,
 author = {Sebastian Hack},
 title = {{shack/Synth: Synthesis of Loop-free Programs}},
 url = {https://github.com/shack/synth},
 year = {2024}
}

@misc{hacktricks2024css,
 author = {{HackTricks}},
 title = {{CSS Injection}},
 url = {https://book.hacktricks.xyz/pentesting-web/xs-search/css-injection},
 year = {2024}
}

@misc{Hacohen2020SignedPages,
 author = {Hacohen, Tom},
 title = {Signed Pages: A browser extension to verify the authenticity (PGP signature) of web pages },
 url = {https://github.com/tasn/webext-signed-pages},
 year = {2020}
}

@misc{Hadad2018,
 author = {Hadad, Noam and Afek, Jonathan},
 title = {{Overcoming (some) Spectre browser mitigations}},
 url = {https://alephsecurity.com/2018/06/26/spectre-browser-query-cache/},
 year = {2018}
}

@article{Haehnel2012,
 author = {H{\"a}hnel, Marcus and D{\"o}bel, Bj{\"o}rn and V{\"o}lp, Marcus and H{\"a}rtig, Hermann},
 journal = {ACM SIGMETRICS Performance Evaluation Review},
 number = {3},
 publisher = {ACM},
 title = {{Measuring Energy Consumption for Short Code Paths Using RAPL}},
 volume = {40},
 year = {2012}
}

@misc{Hak2023ducky,
 author = {Hak5},
 title = {{USB Rubber Ducky}},
 url = {https://hak5.org/products/usb-rubber-ducky},
 year = {2023}
}

@misc{Hak2023library,
 author = {Hak5},
 title = {{Payload Library for the USB Rubber Ducky}},
 url = {https://github.com/hak5/usbrubberducky-payloads},
 year = {2023}
}

@inproceedings{Halcrow05,
 author = {Halcrow, Michael Austin},
 booktitle = {Linux Symposium},
 title = {{eCryptfs}: An Enterprise-class Encrypted Filesystem for {Linux}},
 year = {2005}
}

@article{Halderman2009,
 author = {Halderman, J. Alex and Schoen, Seth D. and Heninger, Nadia and Clarkson, William and Paul, William and Calandrino, Joseph A. and Feldman, Ariel J. and Appelbaum, Jacob and Felten, Edward W.},
 journal = {Communications of the {ACM}},
 month = {May},
 publisher = {Association for Computing Machinery ({ACM})},
 title = {{Lest We Remember: Cold-Boot Attacks on Encryption Keys}},
 year = {2009}
}

@phdthesis{Hall2017time,
 author = {Hall, Carissa G},
 school = {Monterey, California: Naval Postgraduate School},
 title = {Time sensitivity in cyberweapon reusability},
 year = {2017}
}

@inproceedings{Haller2013,
 author = {Haller, Istvan and Slowinska, Asia and Neugschwandtner, Matthias and Bos, Herbert},
 booktitle = {{USENIX Security Symposium}},
 title = {{Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations.}},
 year = {2013}
}

@misc{hammertime,
 author = {Andrei Tatar},
 title = {Hammertime: a software suite for testing, profiling and simulating the Rowhammer DRAM defect},
 url = {https://github.com/vusec/hammertime},
 year = {2018}
}

@article{Hamming1950,
 author = {Hamming, Richard W},
 journal = {The Bell system technical journal},
 title = {Error detecting and error correcting codes},
 year = {1950}
}

@inproceedings{han2018bad,
 address = {Baltimore, MD},
 author = {Seunghun Han and Wook Shin and Jun-Hyeok Park and HyoungChun Kim},
 booktitle = {27th {USENIX} Security Symposium ({USENIX} Security 18)},
 isbn = {978-1-939133-04-5},
 month = {August},
 pages = {1229--1246},
 publisher = {{USENIX} Association},
 title = {{A Bad Dream: Subverting Trusted Platform Module While You Are Sleeping}},
 url = {https://www.usenix.org/conference/usenixsecurity18/presentation/han},
 year = {2018}
}

@inproceedings{Han2019codealchemist,
 author = {Han, HyungSeok and Oh, DongHyeon and Cha, Sang Kil},
 booktitle = {NDSS},
 title = {{CodeAlchemist}: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines},
 year = {2019}
}

@inproceedings{Han2019novel,
 author = {Han, Youngkwang and Kim, John},
 booktitle = {DAC},
 title = {A Novel Covert Channel Attack Using Memory Encryption Engine Cache},
 year = {2019}
}

@article{Handley2021M1,
 author = {Maynard Handley},
 title = {{M1 Exploration - v0.70}},
 year = {2021}
}

@book{Handy1993CMB,
 author = {Handy, Jim},
 publisher = {Academic Press Professional, Inc.},
 title = {The Cache Memory Book},
 year = {1993}
}

@book{Handy1998CMB,
 author = {Handy, Jim},
 publisher = {Morgan Kaufmann},
 title = {The cache memory book},
 year = {1998}
}

@misc{Hansen2017kaiser,
 author = {Hansen, Dave},
 title = {{KAISER: unmap most of the kernel from userspace page table}},
 url = {https://lkml.org/lkml/2017/10/31/884},
 year = {2017}
}

@article{Hardy1988,
 author = {Norman Hardy},
 journal = {Operating Systems Review},
 number = {4},
 pages = {36--38},
 title = {The Confused Deputy (or why capabilities might have been invented)},
 volume = {22},
 year = {1988}
}

@article{Harnik2010,
 author = {Harnik, Danny and Pinkas, Benny and Shulman-Peleg, Alexandra},
 journal = {IEEE Security \& Privacy},
 number = {6},
 title = {{Side channels in cloud services, the case of deduplication in cloud storage}},
 year = {2010}
}

@article{Harris2010,
 author = {Harris, Tim and Larus, James and Rajwar, Ravi},
 journal = {Synthesis Lectures on Computer Architecture},
 number = {1},
 pages = {1--263},
 title = {{Transactional memory}},
 volume = {5},
 year = {2010}
}

@inproceedings{Harris2019cyclone,
 author = {Harris, Austin and Wei, Shijia and Sahu, Prateek and Kumar, Pranav and Austin, Todd and Tiwari, Mohit},
 booktitle = {MICRO},
 title = {{Cyclone: Detecting Contention-Based Cache Information Leaks Through Cyclic Interference}},
 year = {2019}
}

@article{Harwood1987,
 author = {Keith Harwood},
 journal = {{SIGSOFT Softw. Eng. Notes}},
 title = {{On Prototyping and the Role of the Software Engineer}},
 year = {1987}
}

@inproceedings{Hassan2020mozilla,
 author = {Sohaib ul Hassan and Iaroslav Gridin and Ignacio M. Delgado-Lozano and Cesar Pereida Garc{\'\i}a and Jes{\'u}s-Javier Chi-Dom{\'\i}nguez and Alejandro Cabrera Aldaya and Billy Bob Brumley},
 booktitle = {{CCS}},
 title = {{D{\'e}j{\`a} Vu: Side-Channel Analysis of Mozilla's NSS}},
 year = {2020}
}

@inproceedings{Hassan2021Dram,
 author = {Hassan, Hasan and Can Tu\v{g}rul, Yahya and Kim, Jeremie S. and Van der Veen, Victor and Razavi, Kaveh and Mutlu, Onur},
 booktitle = {IEE MICRO},
 note = {Extended classification tree and PoCs at https://transient.fail/.},
 title = {{Uncovering In-DRAM RowHammer Protection Mechanisms: A New Methodology, Custom RowHammer Patterns, and Implications}},
 year = {2021}
}

@misc{Hayak2015Some,
 author = {Hayak, Ben},
 title = {{Same Origin Method Execution (SOME)}},
 url = {http://www.benhayak.com/2015/06/same-origin-method-execution-some.html},
 year = {2015}
}

@inproceedings{Hayes2019Cuda,
 author = {Hayes, Ari B. and Hua, Fei and Huang, Jin and Chen, Yanhao and Zhang, Eddy Z.},
 booktitle = {IEEE/ACM International Symposium on Code Generation and Optimization},
 title = {Decoding CUDA binary},
 year = {2019}
}

@incollection{Hazhirpasand2020tricking,
 author = {Hazhirpasand, Mohammadreza and Ghafari, Mohammad and Nierstrasz, Oscar},
 booktitle = {Proceedings of the Evaluation and Assessment in Software Engineering},
 title = {Tricking johnny into granting web permissions},
 year = {2020}
}

@inproceedings{he2007sim,
 author = {He, Sheng and Paar, Ing Christof},
 booktitle = {Seminar Work, Ruhr-University of Bochum},
 title = {SIM card security},
 year = {2007}
}

@inproceedings{He2020Ctfuzz,
 author = {He, Shaobo and Emmi, Michael and Ciocarlie, Gabriela},
 booktitle = {ICST},
 title = {ct-fuzz: Fuzzing for Timing Leaks},
 year = {2020}
}

@inproceedings{Heckel2023AMDre,
 author = {Heckel, Martin and Adamsky, Florian},
 booktitle = {DRAMSec},
 title = {Reverse-Engineering Bank Addressing Functions on AMD CPUs},
 year = {2023}
}

@misc{Hedayati2018,
 author = {Hedayati, Mohammad and Gravani, Spyridoula and Johnson, Ethan and Criswell, John and Scott, Michael and Shen, Kai and Marty, Mike},
 title = {{Janus: Intra-Process Isolation for High-Throughput Data Plane Libraries}},
 year = {2018}
}

@inproceedings{hedayati2019hodor,
 author = {Hedayati, Mohammad and Gravani, Spyridoula and Johnson, Ethan and Criswell, John and Scott, Michael L and Shen, Kai and Marty, Mike},
 booktitle = {USENIX ATC},
 title = {Hodor:{Intra-Process} isolation for {High-Throughput} data plane libraries},
 year = {2019}
}

@misc{Hegde2008OptimizingPerformance,
 author = {{Hegde, Ravi}},
 title = {{Optimizing Application Performance on Intel® Core™ Microarchitecture Using Hardware-Implemented Prefetchers}},
 year = {2008}
}

@inproceedings{Heiderich2012,
 author = {Heiderich, Mario and Niemietz, Marcus and Schuster, Felix and Holz, Thorsten and Schwenk, J{\"o}rg},
 booktitle = {{CCS}},
 title = {Scriptless Attacks: Stealing the Pie Without Touching the Sill},
 year = {2012}
}

@inproceedings{Heiderich2013Mxss,
 author = {Heiderich, Mario and Schwenk, J{\"o}rg and Frosch, Tilman and Magazinius, Jonas and Yang, Edward Z},
 booktitle = {{CCS}},
 title = {{mXSS Attacks: Attacking well-secured Web-Applications by using innerHTML Mutations}},
 year = {2013}
}

@article{heiderich2014scriptless,
 author = {Heiderich, Mario and Niemietz, Marcus and Schuster, Felix and Holz, Thorsten and Schwenk, J{\"o}rg},
 journal = {Journal of Computer Security},
 title = {Scriptless attacks: Stealing more pie without touching the sill},
 year = {2014}
}

@inproceedings{heiderich2017dompurify,
 author = {Heiderich, Mario and Sp{\"a}th, Christopher and Schwenk, J{\"o}rg},
 booktitle = {{ESORICS}},
 title = {Dompurify: Client-side protection against xss and markup injection},
 year = {2017}
}

@inproceedings{Heirman2018Prefetch,
 author = {Heirman, Wim and Bois, Kristof Du and Vandriessche, Yves and Eyerman, Stijn and Hur, Ibrahim},
 booktitle = {PACT '18},
 title = {Near-side Prefetch Throttling: Adaptive Prefetching for High-performance Many-core Processors},
 year = {2018}
}

@misc{Helin_radamsa,
 author = {Aki Helin},
 title = {{Radamsa}},
 url = {https://gitlab.com/akihe/radamsa}
}

@inproceedings{Helm2020dram,
 author = {Helm, Christian and Akiyama, Soramichi and Taura, Kenjiro},
 booktitle = {International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS)},
 title = {Reliable reverse engineering of intel dram addressing using performance counters},
 year = {2020}
}

@inproceedings{Hemme2004differential,
 author = {Hemme, Ludger},
 booktitle = {CHES},
 title = {A differential fault attack against early rounds of (triple-) DES},
 year = {2004}
}

@book{Heninger2009,
 author = {Heninger, Nadia and Shacham, Hovav},
 booktitle = {Crypto'09},
 title = {{Reconstructing RSA Private Keys from Random Key Bits}},
 year = {2009}
}

@book{Hennessy2011,
 author = {Hennessy, John L and Patterson, David A},
 publisher = {Elsevier},
 title = {{Computer architecture: a quantitative approach}},
 year = {2011}
}

@book{Hennessy2017,
 author = {Hennessy, John L and Patterson, David A},
 edition = {6},
 publisher = {Morgan Kaufmann},
 title = {{Computer Architecture: A Quantitative Approach}},
 year = {2017}
}

@misc{Henry2012msr,
 author = {Henry, G. Glenn and Parks, Terry},
 month = {December},
 note = {US Patent 8,341,419 B2},
 publisher = {Google Patents},
 title = {Apparatus and method for limiting access to model specific registers in a microprocessor},
 year = {2012}
}

@inproceedings{Herath2015,
 author = {Herath, Nishad and Fogh, Anders},
 booktitle = {Black Hat Briefings},
 no-url = {https://www.blackhat.com/docs/us-15/materials/us-15-Herath-These-Are-Not-Your-Grand-Daddys-CPU-Performance-Counters-CPU-Hardware-Performance-Counters-For-Security.pdf},
 title = {{These are Not Your Grand Daddys CPU Performance Counters -- CPU Hardware Performance Counters for Security}},
 year = {2015}
}

@inproceedings{Herdt2019,
 author = {Herdt, Vladimir and Gro{\ss}e, Daniel and Le, Hoang M and Drechsler, Rolf},
 booktitle = {Design Automation Conference},
 title = {{Verifying Instruction Set Simulators using Coverage-guided Fuzzing}},
 year = {2019}
}

@inproceedings{Herdt2020Closing,
 author = {Herdt, Vladimir and Gro{\ss}e, Daniel and Drechsler, Rolf},
 booktitle = {Design Automation Conference},
 title = {Closing the RISC-V compliance gap: Looking from the negative testing side},
 year = {2020}
}

@inproceedings{Herdt2021Mutation,
 author = {Herdt, Vladimir and Tempel, S{\"o}ren and Gro{\ss}e, Daniel and Drechsler, Rolf},
 booktitle = {Design Automation Conference},
 title = {{Mutation-based Compliance Testing for RISC-V}},
 year = {2021}
}

@inproceedings{Hernandez2019,
 author = {Andr{\'e}s Rainiero Hern{\'a}ndez Coronado and Wonjun Lee},
 booktitle = {IEEE ICDCS},
 title = {{Are We Referring to the Same x86{\_}64?: Detection of Cache Events in AMD's Zen Micro-architecture}},
 year = {2019}
}

@inproceedings{Hetterich2022Branch,
 author = {Lorenz Hetterich and Michael Schwarz},
 booktitle = {DIMVA},
 title = {{Branch Different - Spectre Attacks on Apple Silicon}},
 year = {2022}
}

@inproceedings{Hetterich2025ShadowLoad,
 author = {Lorenz Hetterich and Fabian Thomas and Lukas Gerlach and Ruiyi Zhang and Nils Bernsdorf and Eduard Ebert and Michael Schwarz},
 booktitle = {ASPLOS},
 title = {{ShadowLoad: Injecting State into Hardware Prefetchers}},
 year = {2025}
}

@article{Hetzelt2017sev,
 author = {Hetzelt, Felicitas and Buhren, Robert},
 journal = {ACM SIGPLAN Notices},
 title = {Security analysis of encrypted virtual machines},
 year = {2017}
}

@misc{HetznerDedicatedRoot,
 author = {Hetzner},
 title = {Dedicated Root Server Hosting},
 url = {https://www.hetzner.com/dedicated-rootserver/},
 year = {2018}
}

@inproceedings{Heule2016,
 author = {Stefan Heule and Eric Schkufza and Rahul Sharma and Alex Aiken},
 booktitle = {{PLDI}},
 publisher = {{ACM}},
 title = {{Stratified Synthesis: Automatically Learning the x86-64 Instruction Set}},
 year = {2016}
}

@inproceedings{heule2016stratified,
 author = {Heule, Stefan and Schkufza, Eric and Sharma, Rahul and Aiken, Alex},
 booktitle = {PLDI},
 title = {Stratified synthesis: automatically learning the x86-64 instruction set},
 year = {2016}
}

@misc{heyes2023blind,
 author = {{Heyes, Gareth}},
 title = {{Blind CSS Exfiltration: exfiltrate unknown web pages}},
 url = {https://portswigger.net/research/blind-css-exfiltration},
 year = {2023}
}

@article{hill2019spectre,
 author = {Hill, Mark D and Masters, Jon and Ranganathan, Parthasarathy and Turner, Paul and Hennessy, John L},
 journal = {IEEE Micro},
 number = {2},
 pages = {9--19},
 publisher = {IEEE},
 title = {{On the Spectre and Meltdown Processor Security Vulnerabilities}},
 volume = {39},
 year = {2019}
}

@misc{HilyZH09,
 author = {Hily, Sebastien and Zhang, Zhongying and Hammarlund, Per},
 howpublished = {US Patent 7.603,527},
 title = {Resolving False Dependencies of Speculative Load Instructions},
 year = {2009}
}

@inproceedings{Hind2001pointer,
 author = {Hind, Michael},
 booktitle = {PASTE},
 title = {Pointer analysis: Haven't we solved this problem yet?},
 year = {2001}
}

@inproceedings{Hinton2001microarchitecture,
 author = {Hinton, Glenn and Sager, Dave and Upton, Mike and Boggs, Darrell and others},
 booktitle = {Intel Technology Journal},
 title = {{The microarchitecture of the Pentium 4 processor}},
 year = {2001}
}

@inproceedings{Hirki2016,
 author = {Hirki, Mikael and Ou, Zhonghong and Khan, Kashif Nizam and Nurminen, Jukka K and Niemi, Tapio},
 booktitle = {USENIX CoolDC},
 title = {Empirical study of the power consumption of the x86-64 instruction decoder},
 year = {2016}
}

@inproceedings{Hiser2012,
 author = {Hiser, Jason and Nguyen-Tuong, Anh and Co, Michele and Hall, Matthew and Davidson, Jack W.},
 booktitle = {{IEEE S\&P'12}},
 title = {ILR: Where'D My Gadgets Go?},
 year = {2012}
}

@misc{Hocevar2015zzuf,
 author = {Sam Hocevar},
 title = {{Zzuf}},
 url = {https://github.com/samhocevar/zzuf/}
}

@misc{Hodder2015Firmware,
 author = {{Dave Hodder}},
 title = {{Open source firmware for the Launchpad Pro grid controller}},
 url = {https://github.com/dvhdr/launchpad-pro},
 year = {2015}
}

@inproceedings{Hodovan2016fuzzing,
 author = {Hodov{\'a}n, Ren{\'a}ta and Kiss, {\'A}kos},
 booktitle = {{International Conference on Integrated Formal Methods}},
 title = {{Fuzzing JavaScript Engine APIs}},
 year = {2016}
}

@inproceedings{hofmann2023speculation,
 author = {Hofmann, Jana and Vannacci, Emanuele and Fournet, C{\'e}dric and K{\"o}pf, Boris and Oleksenko, Oleksii},
 booktitle = {USENIX Security},
 title = {Speculation at Fault: Modeling and Testing Microarchitectural Leakage of {CPU} Exceptions},
 year = {2023}
}

@inproceedings{Hofmann2024Cloudstorage,
 author = {Hofmann, Jonas and Truong, Kien Tuong},
 booktitle = {{CCS}},
 title = {End-to-End Encrypted Cloud Storage in the Wild: A Broken Ecosystem},
 year = {2024}
}

@inproceedings{hofmann2024gaussian,
 author = {Hofmann, Jana and Fournet, C{\'e}dric and K{\"o}pf, Boris and Volos, Stavros},
 booktitle = {CCS},
 title = {Gaussian Elimination of Side-Channels: Linear Algebra for Memory Coloring},
 year = {2024}
}

@techreport{Hogye2001,
 author = {Hogye, Michael Augustus and Hughes, Christopher Taddeus and Sarfaty, Joshua Michael and Wolf, Joseph David},
 institution = {School of Engineering and Applied Science University of Virginia},
 title = {{Analysis of the Feasibility of Keystroke Timing Attacks over SSH Connections}},
 year = {2001}
}

@misc{Holen2017,
 author = {Holen, Vidar},
 title = {{Experiments and fun with the Linux disk cache}},
 url = {https://www.linuxatemyram.com/play.html},
 year = {2017}
}

@inproceedings{Holler2012Fuzzing,
 author = {Holler, Christian and Herzig, Kim and Zeller, Andreas},
 booktitle = {USENIX Security Symposium},
 title = {Fuzzing with code fragments},
 year = {2012}
}

@inproceedings{holtryd2023sok,
 author = {Holtryd, Nadja Ramhöj and Manivannan, Madhavan and Stenström, Per},
 booktitle = {EuroS\&P},
 title = {SoK: Analysis of Root Causes and Defense Strategies for Attacks on Microarchitectural Optimizations},
 year = {2023}
}

@article{Holzmann2015,
 author = {Holzmann, Gerard J},
 journal = {IEEE Software},
 title = {Code inflation},
 year = {2015}
}

@inproceedings{Homescu2013,
 author = {Homescu, Andrei and Brunthaler, Stefan and Larsen, Per and Franz, Michael},
 booktitle = {CCS'13},
 title = {Librando: transparent code randomization for just-in-time compilers},
 year = {2013}
}

@inproceedings{Hong2010Qed,
 author = {Hong, Ted and Li, Yanjing and Park, Sung-Boem and Mui, Diana and Lin, David and Kaleq, Ziyad Abdel and Hakim, Nagib and Naeimi, Helia and Gardner, Donald S and Mitra, Subhasish},
 booktitle = {IEEE International Test Conference},
 title = {QED: Quick error detection tests for effective post-silicon validation},
 year = {2010}
}

@article{Hong2018,
 author = {Sanghyun Hong and Michael Davinroy and Yiǧitcan Kaya and Stuart Nevans Locke and Ian Rackow and Kevin Kulda and Dana Dachman-Soled and Tudor Dumitraş},
 journal = {arXiv:1810.03487},
 title = {{Security Analysis of Deep Neural Networks Operating in the Presence of Cache Side-Channel Attacks}},
 year = {2018}
}

@misc{Hooker2013STL,
 author = {Hooker, Rodney E and Eddy, Colin},
 note = {US Patent 8,533,438},
 publisher = {Google Patents},
 title = {Store-to-load forwarding based on load/store address computation source information comparisons},
 year = {2013}
}

@article{Hopper2010Tor,
 author = {Hopper, Nicholas and Vasserman, Eugene Y and Chan-Tin, Eric},
 journal = {TISSEC},
 publisher = {ACM},
 title = {{How much anonymity does network latency leak?}},
 year = {2010}
}

@misc{Horn2017Swap,
 author = {Christian Horn},
 month = {February},
 title = {Do we really need swap on modern systems?},
 url = {https://www.redhat.com/en/blog/do-we-really-need-swap-modern-systems},
 year = {2017}
}

@misc{Horn2018spectre1,
 author = {Horn, Jann},
 title = {{Reading privileged memory with a side-channel}},
 year = {2018}
}

@misc{Horn2018spectre4,
 author = {Jann Horn},
 title = {{speculative execution, variant 4: speculative store bypass}},
 year = {2018}
}

@inproceedings{Hornetz2025Lixom,
 author = {Tristan Hornetz and Lukas Gerlach and Michael Schwarz},
 booktitle = {FC},
 title = {{Lixom: Protecting Encryption Keys with Execute-Only Memory}},
 year = {2025}
}

@inproceedings{hornetz2025lixom,
 author = {Hornetz, Tristan and Gerlach, Lukas and Schwarz, Michael},
 booktitle = {Financial Cryptography and Data Security (FC)},
 title = {Lixom: Protecting Encryption Keys with Execute-Only Memory},
 year = {2025}
}

@inproceedings{Hornetz2025PortPrint,
 author = {Tristan Hornetz and Michael Schwarz},
 booktitle = {uASC},
 title = {{PortPrint: Identifying Inaccessible Code with Port Contention}},
 year = {2025}
}

@inproceedings{Horowitz2024spec,
 author = {Horowitz, Gal and Ronen, Eyal and Yarom, Yuval},
 booktitle = {ACM CCS},
 title = {Spec-o-Scope: Cache Probing at Cache Speed},
 year = {2024}
}

@misc{Horrigan2008,
 author = {Horrigan, John B},
 month = {September},
 title = {{Use of cloud computing applications and services}},
 url = {http://www.pewinternet.org/2008/09/12/use-of-cloud-computing-applications-and-services/},
 year = {2008}
}

@misc{horvat2024npm,
 author = {Horvat, Luke},
 title = {{NPM Package - computed-style-to-inline-style}},
 url = {{https://www.npmjs.com/package/computed-style-to-inline-style}},
 year = {2024}
}

@article{Hosseinzadeh2018,
 author = {Hosseinzadeh, Shohreh and Liljestrand, Hans and Lepp{\"a}nen, Ville and Paverd, Andrew},
 journal = {arXiv:1808.06478},
 title = {{Mitigating Branch-Shadowing Attacks on Intel SGX using Control Flow Randomization}},
 year = {2018}
}

@inproceedings{Hotchips2018,
 author = {Partha Ranganathan and John Hennessy and Paul Turner and Jon Masters and Mark Hill},
 booktitle = {HotChips: A Symposium on High Performance Chips},
 title = {{Keynote 1: Spectre/Meltdown {\&} What It Means for Future Chip Design}},
 year = {2018}
}

@book{Householder2017,
 author = {Allen D. Householder and Garret Wassermann and Art Manion and Chris King},
 publisher = {Carnegie Mellon University},
 title = {{The CERT Guide to Coordinated Vulnerability Disclosure}},
 year = {2017}
}

@article{howgrave2001lattice,
 author = {Howgrave-Graham, Nick A and Smart, Nigel P.},
 journal = {Designs, Codes and Cryptography},
 number = {3},
 pages = {283--290},
 publisher = {Springer},
 title = {{Lattice attacks on digital signature schemes}},
 volume = {23},
 year = {2001}
}

@misc{howWindowsTPM,
 author = {{Microsoft}},
 title = {{How Windows 10 uses the Trusted Platform Module}},
 url = {https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/how-windows-uses-the-tpm},
 year = {2019}
}

@misc{Hromatka2018,
 author = {Hromatka, Tom},
 title = {{seccomp and libseccomp performance improvements}},
 year = {2018}
}

@misc{Hruska2019AMD,
 author = {Joel Hruska},
 title = {{AMD Gains Market Share in Desktop and Laptop, Slips in Servers}},
 url = {https://www.extremetech.com/computing/291032-amd},
 year = {2019}
}

@inproceedings{Hsiao2024rtl,
 author = {Hsiao, Yao and Nikoleris, Nikos and Khyzha, Artem and Mulligan, Dominic P and Petri, Gustavo and Fletcher, Christopher W and Trippel, Caroline},
 booktitle = {MICRO},
 title = {RTL2M$\mu$PATH: Multi-$\mu$PATH Synthesis with Applications to Hardware Security Verification},
 year = {2024}
}

@article{Hsueh1997,
 author = {Hsueh, Mei-Chen and Tsai, Timothy K and Iyer, Ravishankar K},
 journal = {Computer},
 publisher = {IEEE},
 title = {{Fault injection techniques and tools}},
 year = {1997}
}

@article{Hu1992fuzzy,
 author = {Hu, Wei-Ming},
 journal = {Journal of Computer Security},
 title = {{Reducing Timing Channels with Fuzzy Time}},
 year = {1992}
}

@inproceedings{Hu1992lattice,
 author = {Hu, Wei-Ming},
 booktitle = {S\&P'92},
 title = {{Lattice Scheduling and Covert Channels}},
 year = {1992}
}

@inproceedings{Hu2005Godson2,
 author = {Hu, Wei-Wu and Zhang, Fu-Xin and Li, Zu-Song},
 booktitle = {Journal of Computer Science and Technology},
 title = {Microarchitecture of the Godson-2 Processor},
 year = {2005}
}

@inproceedings{Hu2009write,
 author = {Hu, Xiao-Yu and Eleftheriou, Evangelos and Haas, Robert and Iliadis, Ilias and Pletka, Roman},
 booktitle = {{SYSTOR: The Israeli Experimental Systems Conference}},
 title = {{Write amplification analysis in flash-based solid state drives}},
 year = {2009}
}

@inproceedings{hu2018spoofing,
 author = {Hu, Hang and Wang, Gang},
 booktitle = {{USENIX}},
 title = {{End-to-End} Measurements of Email Spoofing Attacks},
 year = {2018}
}

@inproceedings{hu2021sok,
 author = {Hu, Guangyuan and He, Zecheng and Lee, Ruby B.},
 booktitle = {SEED},
 title = {SoK: Hardware Defenses Against Speculative Execution Attacks},
 year = {2021}
}

@article{hu2023faultmorse,
 author = {Hu, Lifeng and Zhang, Fan and Liang, Ziyuan and Ding, Ruyi and Cai, Xingyu and Wang, Zonghui and Jin, Wenguang},
 journal = {Computers \& Security},
 title = {FaultMorse: An automated controlled-channel attack via longest recurring sequence},
 year = {2023}
}

@inproceedings{Hua2018epti,
 author = {Hua, Zhichao and Du, Dong and Xia, Yubin and Chen, Haibo and Zang, Binyu},
 booktitle = {{USENIX ATC}},
 title = {{EPTI: efficient defence against meltdown attack for unpatched VMs}},
 year = {2018}
}

@inproceedings{Huang2012,
 author = {Huang, Rei-Fu and Yang, Hao-Yu and Chao, Mango C.-T. and Lin, Shih-Chin},
 booktitle = {Annual Design Automation Conference (DAC)},
 title = {{Alternate hammering test for application-specific DRAMs and an industrial case study}},
 year = {2012}
}

@inproceedings{huang2012clickjacking,
 author = {Huang, Lin-Shung and Moshchuk, Alex and Wang, Helen J and Schecter, Stuart and Jackson, Collin},
 booktitle = {{USENIX} Security Symposium},
 title = {Clickjacking: Attacks and defenses},
 year = {2012}
}

@inproceedings{huang2014analyzing,
 author = {Huang, Lin Shung and Rice, Alex and Ellingsen, Erling and Jackson, Collin},
 booktitle = {IEEE Symposium on Security and Privacy (SP)},
 title = {Analyzing forged SSL certificates in the wild},
 year = {2014}
}

@article{Huang2016,
 author = {Huang, bunnie and Snowden, Edward},
 journal = {The Journal of Open Engineering},
 title = {{Against the Law: Countering Lawful Abuses of Digital Surveillance}},
 year = {2016}
}

@article{Huber2011,
 author = {Huber, Markus and Mulazzani, Martin and Weippl, Edgar and Kitzler, Gerhard and Goluch, Sigrun},
 journal = {IEEE Internet Computing},
 number = {3},
 pages = {28--34},
 title = {{Friend-in-the-middle attacks: Exploiting social networking sites for spam}},
 volume = {15},
 year = {2011}
}

@misc{huli2022stealing,
 author = {{huli.tw}},
 title = {{Stealing Data with CSS - CSS Injection (Part 2)}},
 url = {https://blog.huli.tw/2022/09/29/en/css-injection-2/},
 year = {2022}
}

@inproceedings{Hund2009,
 author = {Ralf Hund and Thorsten Holz and Felix C. Freiling},
 booktitle = {{USENIX Security Symposium}},
 title = {Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms},
 year = {2009}
}

@inproceedings{Hund2013,
 author = {Hund, Ralf and Willems, Carsten and Holz, Thorsten},
 booktitle = {{S\&P}},
 title = {{Practical Timing Side Channel Attacks against Kernel Space ASLR}},
 year = {2013}
}

@inproceedings{hunger2015understanding,
 author = {Hunger, Casen and Kazdagli, Mikhail and Rawat, Ankit and Dimakis, Alex and Vishwanath, Sriram and Tiwari, Mohit},
 booktitle = {HPCA},
 title = {Understanding contention-based channels and using them for defense},
 year = {2015}
}

@inproceedings{Hunt2016,
 author = {Tyler Hunt and
Zhiting Zhu and
Yuanzhong Xu and
Simon Peter and
Emmett Witchel},
 booktitle = {Usenix OSDI},
 title = {Ryoan: {A} Distributed Sandbox for Untrusted Computation on Secret
Data},
 year = {2016}
}

@inproceedings{huo2020bluethunder,
 author = {Huo, Tianlin and Meng, Xiaoni and Wang, Wenhao and Hao, Chunliang and Zhao, Pei and Zhai, Jian and Li, Mingshu},
 booktitle = {CHES},
 title = {{Bluethunder: A 2-level Directional Predictor Based Side-Channel Attack against SGX}},
 year = {2020}
}

@inproceedings{Hur2021Difuzzrtl,
 author = {Hur, Jaewon and Song, Suhwan and Kwon, Dongup and Baek, Eunjin and Kim, Jangwoo and Lee, Byoungyoung},
 booktitle = {S\&P},
 title = {Difuzzrtl: Differential fuzz testing to find cpu bugs},
 year = {2021}
}

@inproceedings{hur2022specdoctor,
 author = {Hur, Jaewon and Song, Suhwan and Kim, Sunwoo and Lee, Byoungyoung},
 booktitle = {ACM SIGSAC Conference on Computer and Communications Security},
 title = {Specdoctor: Differential fuzz testing to find transient execution vulnerabilities},
 year = {2022}
}

@inproceedings{Hutter2013,
 author = {Hutter, Michael and Schmidt, J{\"o}rn-Marc},
 booktitle = {{International Conference on Smart Card Research and Advanced Applications}},
 organization = {Springer},
 pages = {219--235},
 title = {{The temperature side channel and heating fault attacks}},
 year = {2013}
}

@misc{HygonRAPLPatch,
 author = {Wen, Pu},
 title = {{Add support for Hygon Fam 18h (Dhyana) RAPL}},
 url = {https://patchwork.kernel.org/patch/11123607/},
 year = {2019}
}

@misc{IAIK2016drama,
 author = {IAIK},
 title = {{DRAMA Reverse-Engineering Tool and Side-Channel Tools}},
 url = {https://github.com/IAIK/drama},
 year = {2016}
}

@misc{IAIK2016Github,
 author = {IAIK},
 title = {{Prefetch Side-Channel Attacks V2P}},
 url = {{https://github.com/IAIK/prefetch/blob/master/v2p/v2p.c}},
 year = {2016}
}

@misc{IBM2018Potential,
 organization = {{IBM}},
 title = {{Potential Impact on Processors in the POWER Family}},
 url = {https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/},
 year = {2018}
}

@misc{IBM2019CloudFunctions,
 author = {{IBM}},
 tile = {{IBM Cloud functions}},
 url = {https://cloud.ibm.com/functions/},
 year = {2019}
}

@misc{IBM2022Disabling,
 author = {{IBM Cloud}},
 title = {{Disabling Intel Hyper-Threading Technology}},
 url = {https://cloud.ibm.com/docs/vpc?topic=vpc-disabling-hyper-threading},
 year = {2022}
}

@misc{IDC2015,
 author = {{International Data Corporation}},
 month = {February},
 title = {{Android and iOS Squeeze the Competition}},
 url = {http://www.idc.com/getdoc.jsp?containerId=prUS25450615},
 year = {2015}
}

@article{Idrus2014,
 author = {Idrus, Syed and Cherrier, Estelle and Rosenberger, Christophe and Bours, Patrick},
 issn = {0167-4048},
 journal = {Computers \& Security},
 pages = {147--155},
 shorttitle = {Soft Biometrics for Keystroke Dynamics},
 title = {{Soft Biometrics for Keystroke Dynamics: {{Profiling}} Individuals While Typing Passwords}},
 volume = {45},
 year = {2014}
}

@misc{Imperas2022Riscvovpsim,
 author = {Imperas},
 url = {https://github.com/riscv-ovpsim/imperas-riscv-tests},
 year = {2022}
}

@article{Inci2015,
 author = {Inci, Mehmet Sinan and Gulmezoglu, Berk and Irazoqui, Gorka and Eisenbarth, Thomas and Sunar, Berk},
 journal = {Cryptology ePrint Archive, Report 2015/898},
 title = {{Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud}},
 year = {2015}
}

@inproceedings{Inci2016,
 author = {Inci, Mehmet Sinan and Gulmezoglu, Berk and Irazoqui, Gorka and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {CHES},
 title = {{Cache Attacks Enable Bulk Key Recovery on the Cloud}},
 year = {2016}
}

@misc{Informaction2021noscript,
 author = {InformAction Forums},
 title = {{NoScript 11.3.3 Customization}},
 url = {{https://forums.informaction.com/viewtopic.php?p=103816}},
 year = {2021}
}

@inproceedings{Inoue1999,
 author = {Inoue, Koji and Ishihara, Tohru and Murakami, Kazuaki},
 booktitle = {Symposium on Low Power Electronics and Design},
 title = {Way-predicting set-associative cache for high performance and low energy consumption},
 year = {1999}
}

@misc{intel-ht,
 author = {{Intel Corporation}},
 title = {{Hyper-Threading Technology: Architecture and Microarchitecture}},
 year = {2002}
}

@misc{intel-mcamfp,
 author = {{Intel Corporation}},
 title = {{White Paper: Intel MCA+MFP Helps JD Stable and Efficient Cloud Services}},
 year = {2023}
}

@misc{intel-tdx-module-spec,
 author = {{Intel Corporation}},
 title = {{Intel Trust Domain Extensions (Intel TDX) Module Base Architecture Specification}},
 volume = {348549-001US},
 year = {2021}
}

@misc{Intel2008,
 author = {Intel},
 title = {{First the Tick, Now the Tock: Next Generation Intel{$\textregistered$} Microarchitecture (Nehalem)}},
 year = {2008}
}

@misc{Intel2009QPI,
 author = {Intel},
 month = {Jan},
 title = {An Introduction to the Intel QuickPath Interconnect},
 year = {2009}
}

@misc{Intel2010,
 author = {Intel},
 title = {{How to Benchmark Code Execution Times on Intel IA-32 and IA-64 Instruction Set Architectures White Paper}},
 year = {2010}
}

@misc{Intel2014TaintTracking,
 author = {Jung Jaeyeon and Zhu, Yu},
 number = {US14542961},
 title = {Sensitive Data Tracking Using Dynamic Taint Analysis},
 url = {https://patents.google.com/patent/US9548986B2},
 year = {2014}
}

@misc{Intel2015pstate,
 author = {Intel Corporation},
 title = {{What exactly is a P-state? (Pt. 1)}},
 year = {2015}
}

@misc{Intel2017Performance,
 author = {{Intel}},
 note = {Revision 1.0},
 title = {{Intel 64 and IA32 Architectures Performance Monitoring Events}},
 year = {2017}
}

@misc{Intel2018BTIAdvisory,
 author = {{Intel}},
 title = {{Branch Target Injection / CVE-2017-5715 / INTEL-SA-00088}},
 url = {https://software.intel.com/security-software-guidance/advisory-guidance/branch-target-injection},
 year = {2018}
}

@misc{Intel2018cet,
 author = {{Intel}},
 month = {June},
 note = {Revision 2.0},
 title = {{Control-flow Enforcement Technology Preview}},
 year = {2017}
}

@misc{Intel2018ibpb,
 author = {{Intel Corporation}},
 number = {758388},
 title = {{Indirect Branch Predictor Barrier}},
 year = {2018}
}

@misc{Intel2018IBRS,
 author = {{Intel}},
 title = {{Indirect Branch Restricted Speculation}},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/indirect-branch-restricted-speculation.html},
 year = {2018}
}

@misc{Intel2018itlb,
 author = {Intel},
 title = {{Deep Dive: Machine Check Error Avoidance on Page Size Change}},
 url = {https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change},
 year = {2018}
}

@misc{Intel2018l1tf,
 author = {{Intel}},
 title = {{Deep Dive: Intel Analysis of L1 Terminal Fault}},
 year = {2018}
}

@misc{Intel2018m3a,
 author = {{Intel}},
 title = {{Q2 2018 Speculative Execution Side Channel Update}},
 year = {2018}
}

@misc{Intel2018microrevguide,
 author = {{Intel Newsroom}},
 month = {April},
 title = {Microcode Revision Guidance},
 url = {https://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf},
 year = {2018}
}

@misc{Intel2018pku,
 author = {{Intel}},
 title = {{Intel Xeon Processor Scalable Family Technical Overview}},
 year = {2017}
}

@misc{Intel2018RDCL,
 organization = {{Intel Corp.}},
 title = {{Rogue Data Cache Load / CVE-2017-5754 / INTEL-SA-00088}},
 url = {https://software.intel.com/security-software-guidance/software-guidance/rogue-data-cache-load},
 year = {2018}
}

@misc{Intel2018resourcesL1TF,
 author = {{Intel}},
 month = {August},
 title = {{Resources and Response to Side Channel L1 Terminal Fault}},
 year = {2018}
}

@misc{Intel2018retpoline,
 author = {{Intel}},
 note = {Revision 003},
 title = {{Retpoline: A Branch Target Injection Mitigation}},
 year = {2018}
}

@misc{Intel2018sok_mitigation,
 author = {{Intel}},
 title = {{More Information on Transient Execution Findings}},
 url = {https://software.intel.com/security-software-guidance/insights/more-information-transient-execution-findings},
 year = {2018}
}

@misc{Intel2018SpecExWhitePaper,
 author = {Intel},
 title = {Intel Analysis of Speculative Execution Side Channels},
 url = {https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Intel-Analysis-of-Speculative-Execution-Side-Channels.pdf},
 year = {2018}
}

@misc{Intel2018spectrefix,
 author = {{Intel Newsroom}},
 month = {March},
 title = {Advancing Security at the Silicon Level},
 url = {https://newsroom.intel.com/editorials/advancing-security-silicon-level/},
 year = {2018}
}

@misc{Intel2018stipb,
 author = {{Intel Corporation}},
 number = {758387},
 title = {{Single Thread Indirect Branch Predictors}},
 year = {2018}
}

@misc{Intel2018white_paper,
 author = {{Intel}},
 note = {Revision 4.0},
 title = {{Intel Analysis of Speculative Execution Side Channels}},
 year = {2018}
}

@misc{Intel2019MDSAnalysis,
 author = {{Intel}},
 title = {{Deep Dive: Intel Analysis of Microarchitectural Data Sampling}},
 year = {2019}
}

@misc{Intel2019MDSCPUs,
 author = {{Intel}},
 month = {May},
 title = {{Deep Dive: CPUID Enumeration and Architectural MSRs}},
 url = {https://software.intel.com/security-software-guidance/insights/deep-dive-cpuid-enumeration-and-architectural-msrs#MDS-CPUID},
 year = {2019}
}

@misc{Intel2020Affected,
 author = {{Intel}},
 title = {{Affected Processors: Transient Execution Attacks}},
 url = {https://software.intel.com/security-software-guidance/processors-affected-transient-execution-attack-mitigation-product-cpu-model},
 year = {2020}
}

@misc{Intel2020CostBP,
 author = {Intel},
 title = {{Avoiding the Cost of Branch Misprediction}},
 url = {https://software.intel.com/content/www/us/en/develop/articles/avoiding-the-cost-of-branch-misprediction.html},
 year = {2020}
}

@misc{Intel2020Guidelines,
 author = {{Intel Corporation}},
 title = {{Guidelines for Mitigating Timing Side Channels Against Cryptographic Implementations}},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/secure-coding/mitigate-timing-side-channel-crypto-implementation.html},
 year = {2020}
}

@misc{Intel2020LVI,
 author = {{Intel}},
 title = {{Deep Dive: Load Value Injection}},
 url = {https://software.intel.com/security-software-guidance/deep-dives/deep-dive-load-value-injection},
 year = {2020}
}

@misc{Intel2020LVImitigation,
 author = {{Intel}},
 title = {{An Optimized Mitigation Approach for Load Value Injection}},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/optimized-mitigation-approach-load-value-injection.html},
 year = {2020}
}

@misc{Intel2020LVIOpt,
 author = {{Intel}},
 title = {{Affected Processors: Transient Execution Attacks}},
 url = {https://software.intel.com/security-software-guidance/best-practices/optimized-mitigation-approach-load-value-injection},
 year = {2020}
}

@misc{Intel2020Refined,
 author = {{Intel Corporation}},
 title = {{Refined Speculative Execution Terminology}},
 url = {https://software.intel.com/security-software-guidance/insights/refined-speculative-execution-terminology},
 year = {2020}
}

@misc{Intel2020snoop,
 author = {Intel},
 title = {{Deep Dive: Snoop-assisted L1 Data Sampling}},
 url = {https://software.intel.com/security-software-guidance/insights/deep-dive-snoop-assisted-l1-data-sampling},
 year = {2020}
}

@misc{Intel2020srbds,
 author = {Intel},
 title = {{Special Register Buffer Data Sampling}},
 url = {https://software.intel.com/security-software-guidance/deep-dives/deep-dive-special-register-buffer-data-sampling},
 year = {2020}
}

@misc{Intel2020STIBP,
 author = {{Intel Corporation}},
 title = {{Single Thread Indirect Branch Predictors}},
 url = {https://software.intel.com/security-software-guidance/deep-dives/deep-dive-single-thread-indirect-branch-predictors},
 year = {2020}
}

@misc{Intel2020vector,
 author = {Intel},
 title = {{Vector Register Sampling / CVE-2020-0548 / INTEL-SA-OO329}},
 url = {https://software.intel.com/security-software-guidance/software-guidance/vector-register-sampling},
 year = {2020}
}

@misc{intel2020xeon,
 author = {Intel},
 month = {October},
 title = {Intel {Xeon} Scalable Platform Built for Most Sensitive Workloads},
 url = {https://www.intel.com/content/www/us/en/newsroom/news/xeon-scalable-platform-built-sensitive-workloads.html},
 year = {2020}
}

@misc{Intel2021DisableTSX,
 author = {{Intel}},
 month = {April},
 title = {{Intel Transactional Synchronization Extensions (Intel TSX) Memory and Performance Monitoring Update for Intel Processors}},
 url = {https://www.intel.com/content/www/us/en/support/articles/000059422/processors.html},
 year = {2023}
}

@misc{Intel2021fpvi,
 author = {{Intel}},
 title = {{Floating Point Value Injection}},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/floating-point-value-injection.html},
 year = {2021}
}

@misc{Intel2021MDS,
 author = {{Intel}},
 month = {November},
 title = {{Microarchitectural Data Sampling}},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/intel-analysis-microarchitectural-data-sampling.html},
 year = {2021}
}

@misc{Intel2021scsb,
 author = {{Intel}},
 title = {{Speculative Code Store Bypass}},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/speculative-code-store-bypass.html},
 year = {2021}
}

@misc{Intel2021sgxdeveloper,
 author = {{Intel}},
 month = {October},
 note = {Rev 2.15.1},
 title = {{Intel Software Guard Extensions (Intel SGX) Developer Guide}},
 year = {2021}
}

@misc{Intel2021TDX,
 author = {{Intel}},
 title = {{Intel Trust Domain CPU Architectural Extensions}},
 volume = {343754-002US},
 year = {2021}
}

@misc{Intel2022AEX,
 author = {{Intel}},
 title = {{Asynchronous Enclave Exit Notify and the EDECCSSA User Leaf Function}},
 url = {https://cdrdv2-public.intel.com/736463/aex-notify-white-paper-public.pdf},
 year = {2022}
}

@misc{Intel2022DOIT,
 author = {{Intel Corporation}},
 title = {{Data Operand Independent Timing Instruction Set Architecture (ISA) Guidance}},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/data-operand-independent-timing-isa-guidance.html},
 year = {2022}
}

@misc{Intel2023Affected,
 author = {{Intel}},
 title = {{Affected Processors: Transient Execution Attacks}},
 url = {https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html},
 year = {2023}
}

@misc{Intel2023optimization,
 author = {{Intel Corporation}},
 number = {671488},
 title = {{Intel 64 and IA-32 Architectures Optimization Reference Manual Volume 1}},
 year = {2023}
}

@misc{intel2023tdx,
 author = {Intel},
 title = {{Intel Trust Domain Extensions}},
 url = {https://cdrdv2-public.intel.com/690419/TDX-Whitepaper-February2022.pdf},
 year = {2023}
}

@misc{Intel2024ark,
 author = {Intel},
 title = {Product Specifications},
 url = {https://ark.intel.com/content/www/us/en/ark.html},
 year = {2024}
}

@misc{Intel2024bhidiss,
 author = {{Intel Corporation}},
 number = {824191},
 title = {{Branch History Injection and Intra-mode Branch Target Injection}},
 year = {2024}
}

@misc{Intel2024RFDS,
 author = {{Intel Corporation}},
 title = {{Register File Data Sampling}},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/register-file-data-sampling.html},
 year = {2024}
}

@misc{Intel2025Affected,
 author = {{Intel}},
 title = {{Affected Processors: Transient Execution Attacks}},
 url = {https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html},
 year = {2025}
}

@misc{Intel_AES-NI,
 author = {Intel},
 title = {{Advanced Encryption Standard (AES) Instructions Set: White Paper}},
 year = {2008}
}

@misc{Intel_combined,
 author = {{Intel}},
 title = {{Intel 64 and IA-32 Architectures Software Developer{$\textquoteright$}s Manual Combined Volumes: 1, 2A, 2B, 2C, 2D, 3A, 3B, 3C, 3D and 4}},
 volume = {253665-086US},
 year = {2024}
}

@misc{Intel_Copying,
 author = {{Intel}},
 title = {{Copying Accelerated Video Decode Frame Buffers}},
 year = {2015}
}

@misc{Intel_DisableHWPrefetcher,
 author = {Vish Viswanathan},
 title = {Disclosure of Hardware Prefetcher Control on Some Intel Processors},
 url = {https://software.intel.com/en-us/articles/disclosure-of-hw-prefetcher-control-on-some-intel-processors}
}

@misc{Intel_HardeningSGX,
 author = {{Intel Corporation}},
 title = {{Hardening Password Managers with Intel Software Guard Extensions: White Paper}},
 year = {2016}
}

@article{Intel_IOAPIC,
 author = {Intel},
 title = {{82093AA I/O Advanced Programmable Interrupt Controller (IOAPIC)}},
 year = {1996}
}

@misc{Intel_ISA,
 author = {Intel},
 title = {{Intel{$\textregistered$} Architecture Instruction Set Extensions Programming Reference}},
 volume = {319433-012A},
 year = {2012}
}

@misc{Intel_opt,
 author = {Intel},
 title = {{Intel 64 and IA-32 Architectures Optimization Reference Manual}},
 year = {2019}
}

@misc{Intel_PIN,
 author = {{Intel Corporation}},
 title = {{Pin - A Dynamic Binary Instrumentation Tool}},
 url = {https://www.intel.com/software/pintool}
}

@article{Intel_SGX2,
 author = {{Intel Corporation}},
 title = {{Software Guard Extensions Programming Reference, Rev. 2.}},
 year = {2014}
}

@misc{Intel_SGXDifferences,
 author = {{Intel Corporation}},
 month = {January},
 no-url = {https://software.intel.com/en-us/blogs/2016/01/07/intel-sgx-debug-production-prelease-whats-the-difference},
 title = {{Intel SGX: Debug, Production, Pre-release -- What's the Difference?}},
 year = {2016}
}

@misc{Intel_SGXSigning,
 author = {{Intel Corporation}},
 month = {May},
 no-note = {Retrieved on November 10, 2018},
 no-url = {https://software.intel.com/en-us/sgx-sdk-dev-reference-enclave-signing-key-management},
 title = {{Enclave Signing Key Management}},
 year = {2018}
}

@misc{Intel_SGXSPL,
 author = {{Intel Corporation}},
 month = {{May}},
 title = {{Intel Software Guard Extensions (Intel SGX) Protected Code Loader (PCL) for Linux}},
 year = {2018}
}

@article{intel_tsx_update,
 author = {{Intel}},
 note = {{Document Number 604224}},
 title = {{Performance Monitoring Impact of Intel Transactional Synchronization Extension Memory Ordering Issue}},
 version = {1.5},
 year = {2023}
}

@misc{Intel_TSXdisable,
 author = {{Intel}},
 month = {August},
 title = {{Intel Xeon Processor E3-1200 v3 Product Family Specification Update}},
 url = {https://www.intel.com/content/dam/www/public/us/en/documents/specification-updates/xeon-e3-1200v3-spec-update.pdf},
 year = {2018}
}

@article{intel_unc_hsw,
 author = {Intel},
 pages = {1--232},
 title = {{Intel{$\textregistered$} Xeon{$\textregistered$} Processor E5 v3 Family Uncore Performance Monitoring Reference Manual}},
 volume = {331051-001},
 year = {2014}
}

@article{intel_unc_ivb,
 author = {Intel},
 pages = {1--200},
 title = {{Intel{$\textregistered$} Xeon{$\textregistered$} Processor E5 v2 and E7 v2 Product Families Uncore Performance Monitoring Reference Manual}},
 volume = {329468-002},
 year = {2014}
}

@article{intel_unc_sdb,
 author = {Intel},
 pages = {1--136},
 title = {{Intel {$\textregistered$} Xeon {$\textregistered$} Processor E5-2600 Product Family Uncore Performance Monitoring Guide}},
 url = {http://www.intel.co.uk/content/dam/www/public/us/en/documents/design-guides/xeon-e5-2600-uncore-guide.pdf},
 volume = {327043-001},
 year = {2012}
}

@article{Intel_vol1,
 author = {Intel},
 title = {{Intel{$\textregistered$} 64 and IA-32 Architectures Software Developer{$\textquoteright$}s Manual, Volume 1: Basic Architecture}},
 volume = {253665},
 year = {2016}
}

@misc{Intel_vol2,
 author = {{Intel}},
 title = {{Intel 64 and IA-32 Architectures Software Developer{$\textquoteright$}s Manual Volume 2 (2A, 2B, 2C \& 2D): Instruction Set Reference, A-Z}},
 volume = {253665},
 year = {2021}
}

@misc{Intel_vol3,
 author = {{Intel}},
 number = {253668},
 title = {{Intel 64 and IA-32 Architectures Software Developer's Manual, Volume 3 (3A, 3B \& 3C): System Programming Guide}},
 year = {2023}
}

@misc{Intel_vol4,
 author = {{Intel}},
 month = {May},
 number = {335592-070US},
 title = {{Intel 64 and IA-32 Architectures Software Developer's Manual, Volume 4: Model-Specific Registers}},
 year = {2019}
}

@misc{Intel_WC,
 author = {{Intel}},
 title = {{Write Combining Memory Implementation Guidelines}},
 year = {1998}
}

@misc{IntelAdaptivePrefechting2016,
 author = {{Intel}},
 note = {US Patent 9,280.474 B2},
 title = {{Adaptive data prefetching}},
 year = {2016}
}

@misc{IntelAESCPAP,
 author = {{Intel}},
 title = {{Advanced Encryption Standard (AES) Crypto Performance Analysis Project}},
 year = {2013}
}

@misc{IntelAESNISampleLibrary,
 author = {{Gladman, Brian}},
 title = {{Intel AESNI Sample Library}},
 url = {https://software.intel.com/content/www/us/en/develop/articles/download-intel-aesni-sample-library.html},
 year = {2013}
}

@misc{IntelBounty,
 author = {Intel},
 title = {{Intel Bug Bounty Program Terms}},
 url = {https://www.intel.com/content/www/us/en/security-center/bug-bounty-program.html},
 year = {2020}
}

@misc{IntelCoreX2018,
 author = {Intel},
 month = {January},
 title = {{Intel{$\textregistered$} Core{$\textregistered$} X-Series Processor Families: Datasheet Volume 1 of 2}},
 year = {2018}
}

@misc{IntelIntegratedPerformancePrimitives,
 author = {Intel},
 title = {{Intel® Integrated Performance Primitives}},
 url = {https://software.intel.com/content/www/us/en/develop/tools/integrated-performance-primitives.html},
 year = {2020}
}

@misc{intelIPP,
 author = {{Intel}},
 title = {{Developer Reference for Intel Integrated Performance Primitives Cryptography}},
 url = {https://software.intel.com/en-us/ipp-crypto-reference},
 year = {2019}
}

@misc{IntelJcc2019,
 author = {{Intel}},
 title = {{Mitigations for Jump Conditional Code Erratum, Revision 1.0}},
 year = {2019}
}

@misc{IntelL1TF,
 author = {{Intel}},
 title = {{L1 Terminal Fault SA-00161}},
 url = {https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault},
 year = {2018}
}

@misc{IntelMDSadvisory,
 author = {Intel},
 title = {{Intel-SA-00233 Microarchitectural Data Sampling Advisory}},
 url = {https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html},
 year = {2019}
}

@misc{IntelMDSperformance,
 author = {{Intel}},
 month = {May},
 title = {{Side Channel Vulnerability MDS}},
 url = {https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html},
 year = {2019}
}

@misc{IntelMemoryOrdering2008,
 key = {{Memory Ordering}},
 title = {{Intel 64 Architecture Memory Ordering White Paper}}
}

@misc{IntelMitigations,
 author = {{Intel}},
 note = {Revision 3.0},
 title = {{Speculative Execution Side Channel Mitigations}},
 year = {2018}
}

@misc{IntelPinTool,
 author = {{Intel Corporation}},
 title = {{Pin - A Dynamic Binary Instrumentation Tool}},
 url = {https://software.intel.com/en-us/articles/pin-a-dynamic-binary-instrumentation-tool},
 year = {2012}
}

@misc{IntelProcessors,
 author = {Dogan Yigit Yenigun},
 title = {{toUpperCase78/Intel-Processors: Datasets for All Processors Maufactured By Intel }},
 url = {https://github.com/toUpperCase78/intel-processors},
 year = {2024}
}

@misc{IntelpTRR,
 author = {Marcin Kaczmarski},
 month = {August},
 title = {{Thoughts on Intel{$\textregistered$} Xeon{$\textregistered$} E5-2600 v2 Product Family Performance Optimisation -- component selection guidelines}},
 url = {http://infobazy.gda.pl/2014/pliki/prezentacje/d2s2e4-Kaczmarski-Optymalna.pdf},
 year = {2014}
}

@misc{intelQuark,
 author = {{Intel}},
 title = {{Intel Quark Microcontrollers}},
 url = {https://www.intel.com/content/www/us/en/embedded/products/quark/overview.html},
 year = {2019}
}

@misc{IntelRAPLadvisory,
 author = {Intel},
 title = {{Intel-SA-00389}},
 url = {https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html},
 year = {2020}
}

@misc{IntelrogueSystemRegRead2018AffectedRegisters,
 author = {Intel},
 title = {Instructions affected by rogue system register read},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/resources/instructions-affected-rogue-system-register-read.html},
 year = {2018}
}

@misc{IntelRSRRadvisory,
 author = {Intel},
 title = {{Intel-SA-00115 Q2 2018 Speculative Execution Side Channel Update}},
 url = {https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html},
 year = {2019}
}

@article{intelsa00161,
 note = {Accessed 2025-08-04},
 organization = {{Intel Corporation}},
 title = {{INTEL-SA-00161}: {Q3} 2018 Speculative Execution Side Channel Update},
 url = {https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html},
 year = {2018}
}

@article{intelsa00464,
 note = {Accessed 2025-06-03},
 organization = {{Intel Corporation}},
 title = {{INTEL-SA-00464}: 2021.1 {IPU} - {Intel Processor Advisory}},
 url = {https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html},
 version = {1.0},
 year = {2021}
}

@article{intelsa00898,
 note = {Accessed 2024-08-03},
 organization = {{Intel Corporation}},
 title = {{INTEL-SA-00898}: 2024.1 {IPU} - {Intel Atom Processor Advisory}},
 url = {https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html},
 version = {1.0},
 year = {2024}
}

@misc{intelsdk,
 author = {{Intel}},
 title = {{Get Started with the SDK}},
 url = {https://software.intel.com/en-us/sgx/sdk},
 year = {{2019}}
}

@misc{intelSGX,
 author = {{Intel}},
 title = {{Intel Software Guard Extensions (Intel SGX)}},
 url = {https://software.intel.com/en-us/sgx},
 year = {2019}
}

@misc{intelSideChannelMitigations,
 author = {{Intel}},
 title = {Side Channel Mitigation by Product CPU Model},
 url = {https://www.intel.com/content/www/us/en/architecture-and-technology/engineering-new-protections-into-hardware.html}
}

@misc{IntelSKU,
 author = {{Intel}},
 month = {April},
 title = {{Engineering New Protections Into Hardware}},
 url = {https://www.intel.com/content/www/us/en/architecture-and-technology/engineering-new-protections-into-hardware.html},
 year = {2019}
}

@misc{IntelSpecAnalysis,
 author = {{Intel}},
 month = {July},
 title = {{{Intel} Analysis of Speculative Execution Side Channels}},
 url = {https://software.intel.com/security-software-guidance/api-app/sites/default/files/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf},
 year = {2018}
}

@misc{IntelSSLSGX,
 author = {{Intel}},
 title = {{Intel® Software Guard Extensions SSL}},
 url = {https://github.com/intel/intel-sgx-ssl},
 year = {2019}
}

@misc{IntelTAA,
 author = {{Intel}},
 month = {November},
 title = {{Deep Dive: Intel Transactional Synchronization Extensions (Intel TSX) Asynchronous Abort}},
 url = {https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort},
 year = {2019}
}

@misc{IntelTCB,
 author = {{Intel}},
 title = {{Intel SGX Trusted Computing Base (TCB) Recovery}},
 url = {https://software.intel.com/sites/default/files/managed/01/7b/Intel-SGX-Trusted-Computing-Base-Recovery.pdf},
 year = {2018}
}

@misc{IntelTSX_CPP,
 author = {{Intel}},
 day = {29},
 month = {April},
 title = {{Intel® C++ Compiler 19.0 Developer Guide and Reference}},
 year = {2019}
}

@misc{IntelTSXSGX,
 author = {{Intel}},
 month = {March},
 title = {{Performance Monitoring Impact of Intel Transactional Synchronization Extension Memory}},
 url = {https://cdrdv2.intel.com/v1/dl/getContent/604224},
 year = {2019}
}

@misc{IntelXeonE5v4Vol2,
 author = {Intel},
 title = {{Intel{$\textregistered$} Xeon{$\textregistered$} Processor E5 v4 Product Family: Datasheet Volume 2: Registers}},
 volume = {2},
 year = {2016}
}

@inproceedings{Ion2011,
 author = {Ion, Iulia and Sachdeva, Niharika and Kumaraguru, Ponnurangam and {\v{C}}apkun, Srdjan},
 booktitle = {{Proceedings of the Seventh Symposium on Usable Privacy and Security}},
 title = {{Home is safer than the cloud!: privacy concerns for consumer cloud storage}},
 year = {2011}
}

@misc{Ionescu2017TwitterApple,
 author = {Ionescu, Alex},
 title = {{Twitter: Apple Double Map}},
 url = {https://twitter.com/aionescu/status/948609809540046849},
 year = {2017}
}

@misc{Ionescu2017TwitterWindows,
 author = {Ionescu, Alex},
 title = {{Windows 17035 Kernel ASLR/VA Isolation In Practice (like Linux KAISER).}},
 url = {https://twitter.com/aionescu/status/930412525111296000},
 year = {2017}
}

@misc{Ionescu2018MeltdownUncached,
 author = {Ionescu, Alex},
 month = {Jan},
 title = {Twitter: Meltdown with Uncached Memory},
 url = {https://twitter.com/aionescu/status/950994906759143425},
 year = {2018}
}

@misc{Ionescu2018SMAPWindows,
 author = {Ionescu, Alex},
 title = {Twitter: SMAP Windows 10},
 url = {https://twitter.com/aionescu/status/1042445591861710848},
 year = {2018}
}

@misc{Ionescu2018WindowsKASLR,
 author = {Ionescu, Alex},
 month = {Apr},
 title = {Twitter: Windows KASLR},
 url = {https://twitter.com/aionescu/status/725399988306644992},
 year = {2016}
}

@inproceedings{Irazoqui2014,
 author = {Irazoqui, Gorka and Inci, Mehmet Sinan and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {RAID'14},
 title = {{Wait a minute! A fast, Cross-VM attack on AES}},
 year = {2014}
}

@inproceedings{Irazoqui2015Lucky,
 author = {Irazoqui, Gorka and Inci, Mehmet Sinan and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {AsiaCCS},
 title = {Lucky 13 Strikes Back},
 year = {2015}
}

@article{Irazoqui2015Neighbor,
 author = {Irazoqui, Gorka and Inci, Mehmet Sinan and Eisenbarth, Thomas and Sunar, Berk},
 journal = {PETS},
 title = {Know Thy Neighbor: Crypto Library Detection in Cloud},
 year = {2015}
}

@inproceedings{Irazoqui2015SA,
 author = {Irazoqui, Gorka and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {S\&P},
 title = {{S\$A: A Shared Cache Attack that Works Across Cores and Defies VM Sandboxing -- and its Application to AES}},
 year = {2015}
}

@inproceedings{Irazoqui2015slice,
 author = {Irazoqui, Gorka and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {Euromicro Conference on Digital System Design},
 title = {Systematic reverse engineering of cache slice selection in Intel processors},
 year = {2015}
}

@inproceedings{Irazoqui2016Cross,
 author = {Irazoqui, Gorka and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {AsiaCCS},
 title = {Cross processor cache attacks},
 year = {2016}
}

@misc{Irazoqui2016mascat,
 author = {Gorka Irazoqui and Thomas Eisenbarth and Berk Sunar},
 howpublished = {ePrint 2016/1196},
 title = {{MASCAT}: Stopping Microarchitectural Attacks Before Execution},
 year = {2017}
}

@inproceedings{Irazoqui2018mascat,
 author = {Irazoqui, Gorka and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {CODASPY},
 title = {MASCAT: Preventing microarchitectural attacks before distribution},
 year = {2018}
}

@inproceedings{Islam2018,
 author = {Islam, Mohammad A and Ren, Shaolei},
 booktitle = {CCS},
 title = {{Ohm's Law in Data Centers: A Voltage Side Channel for Timing Power Attacks}},
 year = {2018}
}

@inproceedings{Islam2019Spoiler,
 author = {Islam, Saad and Moghimi, Ahmad and Bruhns, Ida and Krebbel, Moritz and Gulmezoglu, Berk and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {USENIX Security Symposium},
 title = {{SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks}},
 year = {2019}
}

@book{ISO2011C11,
 author = {{ISO}},
 publisher = {International Organization for Standardization},
 title = {{ISO/IEC 9899:2011 Information technology --- Programming languages --- C}},
 year = {2011}
}

@inproceedings{Ispoglou2018,
 author = {Kyriakos K. Ispoglou and
Bader AlBassam and
Trent Jaeger and
Mathias Payer},
 booktitle = {CCS},
 title = {Block Oriented Programming: Automating Data-Only Attacks},
 year = {2018}
}

@inproceedings{Jackson2006,
 author = {Jackson, Collin and Bortz, Andrew and Boneh, Dan and Mitchell, John C},
 booktitle = {{WWW}},
 title = {{Protecting browser state from web privacy attacks}},
 year = {2006}
}

@incollection{Jackson2011,
 author = {Jackson, Todd and Salamat, Babak and Homescu, Andrei and Manivannan, Karthikeyan and Wagner, Gregor and Gal, Andreas and Brunthaler, Stefan and Wimmer, Christian and Franz, Michael},
 booktitle = {Moving Target Defense},
 editor = {Jajodia, Sushil and Ghosh, Anup K. and Swarup, Vipin and Wang, Cliff and Wang, X. Sean},
 location = {New York, NY},
 pages = {77--98},
 publisher = {Springer New York},
 series = {Advances in Information Security},
 title = {{Compiler-Generated Software Diversity}},
 volume = {54},
 year = {2011}
}

@inproceedings{Jahagirdar2012,
 author = {Sanjeev Jahagirdar and Varghese George and Inder Sodhi and Ryan Wells},
 booktitle = {IEEE Hot Chips Symposium (HCS)},
 title = {{Power Management of the Third Generation Intel Core Micro Architecture formerly codenamed Ivy Bridge}},
 year = {2012}
}

@article{Jain2019spy,
 author = {Jain, Himanshi and Balaraju, D Anthony and Rebeiro, Chester},
 journal = {Journal of Hardware and Systems Security},
 number = {2},
 pages = {147--163},
 publisher = {Springer},
 title = {Spy Cartel: Parallelizing Evict+ Time-Based Cache Attacks on Last-Level Caches},
 volume = {3},
 year = {2019}
}

@incollection{Jakobsson1999,
 author = {Jakobsson, Markus and Juels, Ari},
 booktitle = {Secure Information Networks},
 pages = {258--272},
 title = {{Proofs of work and bread pudding protocols (extended abstract)}},
 year = {1999}
}

@misc{Jakobsson2007Javascript,
 author = {Jakobsson, Markus and Ramzan, Zulfikar and Stamm, Sid},
 title = {{JavaScript Breaks Free}},
 url = {http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.85.3195&rep=rep1&type=pdf},
 year = {2007}
}

@inproceedings{jaleel2008cmp,
 author = {Jaleel, Aamer and Cohn, Robert S and Luk, Chi-Keung and Jacob, Bruce},
 booktitle = {Annual Workshop on Modeling, Benchmarking and Simulation (MoBS)},
 title = {CMP\$im: A Pin-based on-the-fly multi-core cache simulator},
 year = {2008}
}

@inproceedings{Jana2012,
 author = {Suman Jana and Vitaly Shmatikov},
 booktitle = {{S\&P'12}},
 title = {{Memento: Learning Secrets from Process Footprints}},
 year = {2012}
}

@inproceedings{Jancar2022They,
 author = {Jancar, Jan and Fourn{\'e}, Marcel and Braga, Daniel De Almeida and Sabt, Mohamed and Schwabe, Peter and Barthe, Gilles and Fouque, Pierre-Alain and Acar, Yasemin},
 booktitle = {SP},
 title = {“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks},
 year = {2022}
}

@inproceedings{Jang2010,
 author = {Jang, Dongseok and Jhala, Ranjit and Lerner, Sorin and Shacham, Hovav},
 booktitle = {{CCS'10}},
 title = {{An empirical study of privacy-violating information flows in JavaScript web applications}},
 year = {2010}
}

@inproceedings{Jang2011,
 author = {Jang, Keon and Han, Sangjin and Han, Seungyeop and Moon, Sue and Park, KyoungSoo},
 booktitle = {Proceedings of the 8th USENIX conference on Networked systems design and implementation (NSDI'11)},
 title = {{SSLShader: Cheap SSL Acceleration with Commodity Processors}},
 year = {2011}
}

@inproceedings{Jang2016,
 author = {Jang, Yeongjin and Lee, Sangho and Kim, Taesoo},
 booktitle = {CCS},
 title = {{Breaking Kernel Address Space Layout Randomization with Intel TSX}},
 year = {2016}
}

@inproceedings{Jang2017SGX,
 author = {Jang, Yeongjin and Lee, Jaehyuk and Lee, Sangho and Kim, Taesoo},
 booktitle = {{SysTEX}},
 title = {{SGX-Bomb: Locking Down the Processor via Rowhammer Attack}},
 year = {2017}
}

@inproceedings{Jangda2015,
 author = {Jangda, Abhinav and Mishra, Mohit and De Sutter, Bjorn},
 booktitle = {Proceedings of the Second ACM Workshop on Moving Target Defense},
 title = {Adaptive Just-In-Time Code Diversification},
 year = {2015}
}

@inproceedings{Jangda2019WebAssembly,
 author = {Abhinav Jangda and Bobby Powers and Emery D. Berger and Arjun Guha},
 booktitle = {{USENIX ATC}},
 title = {Not So Fast: Analyzing the Performance of WebAssembly vs. Native Code},
 year = {2019}
}

@inproceedings{Jattke2022blacksmith,
 author = {Jattke, Patrick and van der Veen, Victor and Frigo, Pietro and Gunter, Stijn and Razavi, Kaveh},
 booktitle = {S\&P},
 title = {Blacksmith: Scalable rowhammering in the frequency domain},
 year = {2022}
}

@inproceedings{jauch2023securebyconstruction,
 author = {Tobias Jauch and
Alex Wezel and
Mohammad Rahmani Fadiheh and
Philipp Schmitz and
Sayak Ray and
Jason M. Fung and
Christopher W. Fletcher and
Dominik Stoffel and
Wolfgang Kunz},
 booktitle = {{IEEE/ACM} International Conference on Computer Aided Design, {ICCAD}},
 doi = {10.1109/ICCAD57390.2023.10323843},
 title = {Secure-by-Construction Design Methodology for CPUs: Implementing Secure
Speculation on the {RTL}},
 url = {https://doi.org/10.1109/ICCAD57390.2023.10323843},
 year = {2023}
}

@misc{JavascriptPrecision2019,
 author = {{Mozilla}},
 title = {JavaScript data structures},
 url = {https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures},
 year = {2019}
}

@inproceedings{Javed2013Towards,
 author = {Javed, Ashar and Schwenk, J{\"o}rg},
 booktitle = {International Workshop on Information Security Applications (WISA)},
 title = {{Towards Elimination of Cross-Site Scripting on Mobile Versions of Web Applications}},
 year = {2013}
}

@inproceedings{Jayasinghe2010remote,
 author = {Jayasinghe, Darshana and Fernando, Jayani and Herath, Ranil and Ragel, Roshan},
 booktitle = {{ICIAFs}},
 title = {{Remote cache timing attack on advanced encryption standard and countermeasures}},
 year = {2010}
}

@misc{jedec,
 author = {{Jedec Solid State Technology Association}},
 title = {{Low Power Double Data Rate 3}},
 url = {http://www.jedec.org/standards-documents/docs/jesd209-4a},
 year = {2013}
}

@inproceedings{Jenkins2020,
 author = {Jenkins, Ira Ray and Anantharaman, Prashant and Shapiro, Rebecca and Brady, J Peter and Bratus, Sergey and Smith, Sean W},
 booktitle = {HotSoS},
 title = {{Ghostbusting: Mitigating Spectre with Intraprocess Memory Isolation}},
 year = {2020}
}

@inproceedings{jenkins2020ghostbusting,
 author = {Jenkins, Ira Ray and Anantharaman, Prashant and Shapiro, Rebecca and Brady, J Peter and Bratus, Sergey and Smith, Sean W},
 booktitle = {Proceedings of the 7th Symposium on Hot Topics in the Science of Security},
 title = {Ghostbusting: Mitigating Spectre with intraprocess memory isolation},
 year = {2020}
}

@misc{JetStream,
 author = {{Apple}},
 month = {August},
 title = {{JetStream 1.1}},
 url = {http://browserbench.org/JetStream},
 year = {2017}
}

@article{Jia2015,
 author = {Jia, Yaoqi and Dong, Xinshu and Liang, Zhenkai and Saxena, Prateek},
 journal = {IEEE Internet Computing},
 number = {1},
 pages = {44--53},
 publisher = {IEEE},
 title = {{I know where you've been: Geo-inference attacks via the browser cache}},
 volume = {19},
 year = {2015}
}

@inproceedings{jian2016jred,
 author = {Jiang, Yufei and Wu, Dinghao and Liu, Peng},
 booktitle = {COMPSAC},
 title = {JRed: Program Customization and Bloatware Mitigation Based on Static Analysis},
 year = {2016}
}

@inproceedings{Jiang2004,
 author = {Jiang, Xuxian and Xu, Dongyan},
 booktitle = {USENIX Security Symposium},
 title = {{Collapsar: A VM-Based Architecture for Network Attack Detention Center}},
 year = {2004}
}

@inproceedings{Jiang2005,
 author = {Jiang, Song and Chen, Feng and Zhang, Xiaodong},
 booktitle = {{USENIX ATC}},
 title = {{CLOCK-Pro: An Effective Improvement of the CLOCK Replacement.}},
 year = {2005}
}

@inproceedings{Jiang2007stealthy,
 author = {Jiang, Xuxian and Wang, Xinyuan and Xu, Dongyan},
 booktitle = {CCS},
 title = {Stealthy malware detection through {VMM}-based out-of-the-box semantic view reconstruction},
 year = {2007}
}

@inproceedings{Jiang2022examiner,
 author = {Jiang, Muhui and Xu, Tianyi and Zhou, Yajin and Hu, Yufeng and Zhong, Ming and Wu, Lei and Luo, Xiapu and Ren, Kui},
 booktitle = {ASPLOS},
 title = {EXAMINER: Automatically locating inconsistent instructions between real devices and CPU emulators for ARM},
 year = {2022}
}

@inproceedings{Jimenez2001,
 author = {Jim{\'e}nez, Daniel A and Lin, Calvin},
 booktitle = {High-Performance Computer Architecture, 2001. HPCA. The Seventh International Symposium on},
 organization = {IEEE},
 pages = {197--206},
 title = {Dynamic branch prediction with perceptrons},
 year = {2001}
}

@inproceedings{Jin2022Timing,
 author = {Jiankai Jin and Eleanor McMurtry and Benjamin I. P. Rubinstein and Olga Ohrimenko},
 booktitle = {S\&P},
 title = {{Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems}},
 year = {2022}
}

@article{jin2023specterminator,
 author = {Jin, Hai and He, Zhuo and Qiang, Weizhong},
 journal = {TACO},
 title = {SpecTerminator: Blocking speculative side channels based on instruction classes on RISC-V},
 year = {2023}
}

@inproceedings{Jindal2015Rc4,
 author = {Poonam Jindal and Brahmjit Singh},
 booktitle = {ICICT},
 title = {{RC4 Encryption - A Literature Survey}},
 year = {2014}
}

@inproceedings{joardar2022learning,
 author = {Joardar, Biresh Kumar and Bletsch, Tyler K and Chakrabarty, Krishnendu},
 booktitle = {DATE},
 title = {Learning to mitigate rowhammer attacks},
 year = {2022}
}

@inproceedings{Jodeit2010,
 author = {Jodeit, Moritz and Johns, Martin},
 booktitle = {{IEEE European Conference on Computer Network Defense}},
 title = {{Usb device drivers: A stepping stone into your kernel}},
 year = {2010}
}

@inproceedings{Johannesmeyer2022kasper,
 author = {Johannesmeyer, Brian and Koschel, Jakob and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {{NDSS}},
 title = {{Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel}},
 year = {2022}
}

@article{John2006Caches,
 author = {John, Tobias and Baumgartl, Robert},
 journal = {Eighth Real-Time Linux Workshop},
 title = {Worst Case Behavior of CPU Caches},
 year = {2006}
}

@inproceedings{johns2007smask,
 author = {Johns, Martin and Beyerlein, Christian},
 booktitle = {Proceedings of the ACM symposium on Applied computing},
 title = {SMask: Preventing Injection Attacks in Web Applications by Approximating Automatic Data/Code Separation},
 year = {2007}
}

@inproceedings{Johnson1997adjacent,
 author = {Johnson, Teresa L. and Merten, Matthew C. and Hwu, Wen-Mei W.},
 booktitle = {Proceedings of the 30th Annual ACM/IEEE International Symposium on Microarchitecture},
 month = {December},
 series = {MICRO 30},
 title = {Run-time Spatial Locality Detection and Optimization},
 year = {1997}
}

@inproceedings{Johnson2017Protecting,
 author = {Johnson, Peter C and Bratus, Sergey and Smith, Sean W},
 booktitle = {{ACSAC}},
 title = {Protecting against malicious bits on the wire: Automatically generating a USB protocol parser for a production kernel},
 year = {2017}
}

@misc{Johnson2018broken,
 author = {Dougall Johnson},
 title = {{Yes - Intel does have broken speculative execution}},
 url = {https://twitter.com/dougallj/status/948457072047276032},
 year = {2018}
}

@misc{Johnson2018github,
 author = {Dougall Johnson},
 title = {{x86-64 Speculative Execution Harness}},
 url = {https://gist.github.com/dougallj/f9ffd7e37db35ee953729491cfb71392},
 year = {2018}
}

@misc{Johnson2018I,
 author = {Dougall Johnson},
 title = {{I can read user memory using speculative exec reliably}},
 url = {https://twitter.com/dougallj/status/948494573965201408},
 year = {2018}
}

@misc{Johnson2021M1perf,
 author = {Johnson, Dougall},
 title = {{Apple Firestorm/Icestorm CPU microarchitecture docs}},
 url = {https://github.com/dougallj/applecpu},
 year = {2021}
}

@inproceedings{Jones2011,
 author = {Jones, Dave},
 booktitle = {{13th Ottawa Linux Symposium}},
 title = {{Trinity: A system call fuzzer}},
 year = {2011}
}

@inproceedings{Jouppi1990stream,
 author = {Jouppi, Norman P.},
 booktitle = {Proceedings of the 17th Annual International Symposium on Computer Architecture},
 month = {May},
 series = {ISCA '90},
 title = {Improving Direct-mapped Cache Performance by the Addition of a Small Fully-associative Cache and Prefetch Buffers},
 year = {1990}
}

@inproceedings{Joux,
 author = {Joux, Antoine},
 booktitle = {Symposium sur la s\'{e}curit\'{e} des technologies de l'information et des communications (SSTIC'09)},
 title = {{Cartes graphiques : calcul, cryptographie et s\'{e}curit\'{e}}},
 year = {2009}
}

@article{Joyce1990,
 author = {Joyce, Rick and Gupta, Gopal},
 doi = {10.1145/75577.75582},
 issue_date = {Feb. 1990},
 journal = {Commun. ACM},
 pages = {168--176},
 title = {Identity Authentication Based on Keystroke Latencies},
 volume = {33},
 year = {1990}
}

@misc{JsapiUserGuide,
 author = {{MDN}},
 title = {{JSAPI User Guide}},
 url = {https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_User_Guide},
 year = {2020}
}

@misc{jsdelivr2024dompurify,
 author = {{jsDelivr}},
 title = {{dompurify}},
 url = {https://www.jsdelivr.com/package/npm/dompurify},
 year = {2024}
}

@misc{JSLotteryGoddard2016,
 author = {{Douglas Goddard}},
 title = {{Hacking the JavaScript Lottery}},
 url = {https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f},
 year = {2016}
}

@misc{JsSpeculativeCompilation2020,
 author = {Filip Pizlo},
 title = {{Speculation in JavaScriptCore}},
 url = {https://webkit.org/blog/10308/speculation-in-javascriptcore/},
 year = {2020}
}

@inproceedings{juffinger2022csi,
 author = {Juffinger, Jonas and Lamster, Lukas and Kogler, Andreas and Eichlseder, Maria and Lipp, Moritz and Gruss, Daniel},
 booktitle = {IEEE S\&P},
 title = {CSI: Rowhammer-Cryptographic Security and Integrity against Rowhammer},
 year = {2022}
}

@inproceedings{juffinger2023csi,
 author = {Juffinger, Jonas and Lamster, Lukas and Kogler, Andreas and Eichlseder, Maria and Lipp, Moritz and Gruss, Daniel},
 booktitle = {IEEE S\&P},
 title = {CSI: Rowhammer-Cryptographic Security and Integrity against Rowhammer},
 year = {2023}
}

@misc{Jurczyk2013,
 author = {Jurczyk, Mateusz and Coldwind, Gynvael and others},
 title = {{Identifying and exploiting windows kernel race conditions via memory access patterns}},
 year = {2013}
}

@article{Jurczyk2015gadget,
 author = {Jurczyk, Mateusz and Coldwind, Gynvael},
 journal = {Insomni'hack},
 title = {{Permissions overview}},
 year = {2015}
}

@misc{Jurczyk2015Reverse,
 author = {Mateusz (j00ru) Jurczyk},
 journal = {44CON},
 title = {{Reverse engineering and exploiting font rasterizers}},
 url = {https://j00ru.vexillium.org/talks/44con-reverse-engineering-and-exploiting-font-rasterizers/},
 year = {2015}
}

@inproceedings{Kabylkas2021effective,
 author = {Kabylkas, Nursultan and Thorn, Tommy and Srinath, Shreesha and Xekalakis, Polychronis and Renau, Jose},
 booktitle = {MICRO},
 title = {Effective processor verification with logic fuzzer enhanced co-simulation},
 year = {2021}
}

@misc{Kaczmarski2014,
 author = {{Marcin Kaczmarski}},
 month = {August},
 note = {Infobazy 2014},
 title = {{Thoughts on Intel Xeon E5-2600 v2 Product Family Performance Optimisation – component selection guidelines}},
 url = {http://infobazy.gda.pl/2014/pliki/prezentacje/d2s2e4-Kaczmarski-Optymalna.pdf},
 year = {2014}
}

@phdthesis{Kadous2002,
 author = {Kadous, Mohammed Waleed},
 school = {The University of New South Wales},
 title = {Temporal classification: Extending the classification paradigm to multivariate time series},
 year = {2002}
}

@misc{Kahn2004,
 author = {Kahn, Opher D and Wilcox, Jeffrey R},
 month = {September},
 note = {US Patent 6,799,241},
 publisher = {Google Patents},
 title = {{Method for dynamically adjusting a memory page closing policy}},
 year = {2004}
}

@misc{KaiserLKML2017kpti,
 author = {Gleixner, Thomas},
 title = {{x86/kpti: Kernel Page Table Isolation (was KAISER)}},
 url = {https://lkml.org/lkml/2017/12/4/709},
 year = {2017}
}

@misc{KaiserLKML2017rfc,
 author = {Gruss, Daniel},
 title = {{[RFC, PATCH] x86\_64: KAISER - do not map kernel in user mode}},
 url = {https://lkml.org/lkml/2017/5/4/220},
 year = {2017}
}

@misc{KaiserLKML2017v1,
 author = {Hansen, Dave},
 month = {Oct},
 title = {{[PATCH 00/23] KAISER: unmap most of the kernel from userspace page tables}},
 url = {https://lkml.org/lkml/2017/10/31/884},
 year = {2017}
}

@misc{KaiserLKML2017v2,
 author = {Hansen, Dave},
 month = {Nov},
 title = {{[v2] KAISER: unmap most of the kernel from userspace page tables}},
 url = {https://lkml.org/lkml/2017/11/8/752},
 year = {2017}
}

@misc{KaiserLKML2017v3,
 author = {Hansen, Dave},
 month = {Nov},
 title = {{[v3] KAISER: unmap most of the kernel from userspace page tables}},
 url = {https://lkml.org/lkml/2017/11/10/433},
 year = {2017}
}

@misc{KaiserLKML2017v4,
 author = {Hansen, Dave},
 month = {Nov},
 title = {{[v4] KAISER: unmap most of the kernel from userspace page tables}},
 url = {https://lkml.org/lkml/2017/11/22/956},
 year = {2017}
}

@inproceedings{Kaivola2009verification,
 author = {Kaivola, Roope and Ghughal, Rajnish and Narasimhan, Naren and Telfer, Amber and Whittemore, Jesse and Pandav, Sudhindra and Slobodov{\'a}, Anna and Taylor, Christopher and Frolov, Vladimir and Reeber, Erik and others},
 booktitle = {International Conference on Computer Aided Verification},
 title = {{Replacing Testing with Formal Verification in Intel Core i7 Processor Execution Engine Validation}},
 year = {2009}
}

@techreport{kaluderovic2022attacks,
 author = {Kaluderovic, Novak},
 institution = {EPFL},
 title = {Attacks on some post-quantum cryptographic protocols: The case of the Legendre PRF and SIKE},
 year = {2022}
}

@inproceedings{Kamran2015,
 author = {Ali, Kamran and Liu, Alex X. and Wang, Wei and Shahzad, Muhammad},
 booktitle = {Proceedings of the 21st Annual International Conference on Mobile Computing and Networking},
 series = {MobiCom'15},
 title = {Keystroke Recognition Using WiFi Signals},
 year = {2015}
}

@inproceedings{Kande2022Thehuzz,
 author = {Kande, Rahul and Crump, Addison and Persyn, Garrett and Jauernig, Patrick and Sadeghi, Ahmad-Reza and Tyagi, Aakash and Rajendran, Jeyavijayan},
 booktitle = {{USENIX Security Symposium}},
 title = {{TheHuzz: Instruction Fuzzing of Processors Using Golden-Reference Models for Finding Software-Exploitable Vulnerabilities}},
 year = {2022}
}

@inproceedings{kande2022thehuzz,
 author = {Kande, Rahul and Crump, Addison and Persyn, Garrett and Jauernig, Patrick and Sadeghi, Ahmad-Reza and Tyagi, Aakash and Rajendran, Jeyavijayan},
 booktitle = {31st USENIX Security Symposium (USENIX Security 22)},
 pages = {3219--3236},
 title = {{TheHuzz}: Instruction fuzzing of processors using Golden-Reference models for finding Software-Exploitable vulnerabilities},
 year = {2022}
}

@inbook{Kandemir2002,
 author = {Kandemir, Mahmut and Vijaykrishnan, N. and Irwin, Mary Jane},
 chapter = {Compiler Optimizations for Low Power Systems},
 publisher = {Kluwer Academic Publishers},
 title = {Power Aware Computing},
 year = {2002}
}

@misc{Kaplan2016,
 author = {Kaplan, David and Powell, Jeremy and Woller, Tom},
 title = {{AMD Memory Encryption}},
 year = {2016}
}

@misc{Karagounis2011,
 author = {Bill Karagounis and Steven Sinofsky},
 month = {10},
 title = {{Reducing runtime memory in Windows 8}},
 url = {http://blogs.msdn.com/b/b8/archive/2011/10/07/reducing-runtime-memory-in-windows-8.aspx},
 year = {2011}
}

@article{Karantzas2023Forensic,
 author = {Karantzas, George},
 journal = {arXiv preprint arXiv:2302.04541},
 title = {Forensic Log Based Detection For Keystroke Injection" BadUsb" Attacks},
 year = {2023}
}

@misc{Kareenahalli2003,
 author = {Suryaprasad Kareenahalli and Zohar B. Bogin and Mihir D. Shah},
 no-note = {US Patent Grant 2005-06-21},
 no-url = {https://encrypted.google.com/patents/US7076617B2},
 number = {US6910114B2},
 title = {Adaptive idle timer for a memory device },
 year = {2003}
}

@inproceedings{Kargen2015,
 author = {Karg{\'e}n, Ulf and Shahmehri, Nahid},
 booktitle = {{10th Joint Meeting on Foundations of Software Engineering}},
 title = {{Turning programs against each other: high coverage fuzz-testing using binary-code mutation and dynamic slicing}},
 year = {2015}
}

@inproceedings{Karimi2015,
 author = {Karimi, Naghmeh and Kanuparthi, Arun Karthik and Wang, Xueyang and Sinanoglu, Ozgur and Karri, Ramesh},
 booktitle = {{ACM TACO}},
 title = {{MAGIC: Malicious Aging in Circuits/Cores}},
 year = {2015}
}

@article{kario2023everlasting,
 author = {Kario, Hubert},
 journal = {ESORICS},
 title = {Everlasting ROBOT: the Marvin Attack},
 year = {2023}
}

@inproceedings{Kariryaa2021Understanding,
 author = {Kariryaa, Ankit and Savino, Gian-Luca and Stellmacher, Carolin and Sch{\"o}ning, Johannes},
 booktitle = {{USENIX}},
 title = {Understanding users’ knowledge about the privacy and security of browser extensions},
 year = {2021}
}

@inproceedings{Karplus1989Dagmin,
 author = {Karplus, Kevin},
 title = {{Using If-Then-Else DAGs for Multi-Level Logic Minimization}},
 year = {1989}
}

@inproceedings{Karvandi2022hyperdbg,
 author = {Karvandi, Mohammad Sina and Gholamrezaei, MohammadHosein and Khalaj Monfared, Saleh and Medi, Soroush and Abbassi, Behrooz and Amini, Ali and Mortazavi, Reza and Gorgin, Saeid and Rahmati, Dara and Schwarz, Michael},
 booktitle = {CCS},
 title = {HyperDbg: Reinventing Hardware-Assisted Debugging},
 year = {2022}
}

@inproceedings{Kaseridis2011,
 author = {Kaseridis, Dimitris and Stuecheli, Jeffrey and John, Lizy Kurian},
 booktitle = {MICRO},
 title = {{Minimalist open-page: A {DRAM} page-mode scheduling policy for the many-core era}},
 year = {2011}
}

@inproceedings{Kasper2009,
 author = {Emilia K\"{a}sper and Peter Schwabe},
 booktitle = {CHES},
 title = {Faster and Timing-Attack Resistant {AES-GCM}},
 year = {2009}
}

@inproceedings{Kato2012Gdev,
 author = {Kato, Shinpei and McThrow, Michael and Maltzahn, Carlos and Brandt, Scott},
 booktitle = {USENIX ATC'12},
 title = {{Gdev: First-Class GPU Resource Management in the Operating System}},
 year = {2012}
}

@report{Kato2012Implementing,
 author = {Kato, Shinpei},
 title = {{Implementing Open-Source CUDA Runtime}},
 type = {techreport},
 year = {2013}
}

@inproceedings{Katzenbeisser2012,
 author = {Katzenbeisser, Stefan and Kocaba\c{s}, \"{U}nal and Ro\v{z}i\'{c}, Vladimir and Sadeghi, Ahmad-Reza and Verbauwhede, Ingrid and Wachsmann, Christian},
 booktitle = {Proceedings of the 14th Workshop on Cryptographic Hardware and Embedded Systems (CHES'12)},
 title = {{PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon}},
 year = {2012}
}

@inproceedings{Katzman2023gates,
 author = {Katzman, Daniel and Kosasih, William and Chuengsatiansup, Chitchanok and Ronen, Eyal and Yarom, Yuval},
 booktitle = {USENIX Security Symposium},
 title = {The Gates of Time: Improving Cache Attacks with Transient Execution},
 year = {2023}
}

@inproceedings{kauer2007oslo,
 author = {Kauer, Bernhard},
 booktitle = {USENIX Security Symposium},
 title = {{OSLO: Improving the Security of Trusted Computing.}},
 year = {2007}
}

@inproceedings{kaufmann2016constant,
 author = {Kaufmann, Thierry and Pelletier, Herv{\'e} and Vaudenay, Serge and Villegas, Karine},
 booktitle = {CANS},
 title = {{When constant-time source yields variable-time binary: Exploiting curve25519-donna built with MSVC }},
 year = {2016}
}

@inproceedings{Kayaalp2016,
 author = {Kayaalp, Mehmet and Abu-Ghazaleh, Nael and Ponomarev, Dmitry and Jaleel, Aamer},
 booktitle = {DAC},
 title = {A high-resolution side-channel attack on last-level cache},
 year = {2016}
}

@inproceedings{ke2017lightbgm,
 author = {Ke, Guolin and Meng, Qi and Finley, Thomas and Wang, Taifeng and Chen, Wei and Ma, Weidong and Ye, Qiwei and Liu, Tie-Yan},
 booktitle = {Advances in Neural Information Processing Systems},
 title = {LightGBM: A Highly Efficient Gradient Boosting Decision Tree},
 year = {2017}
}

@article{Keller2010,
 author = {Keller, Eric and Szefer, Jakub and Rexford, Jennifer and Lee, Ruby B},
 journal = {ACM SIGARCH Computer Architecture News},
 number = {3},
 title = {{NoHype: Virtualized Cloud Infrastructure without the Virtualization}},
 volume = {38},
 year = {2010}
}

@article{Kelsey2000,
 author = {John Kelsey and Bruce Schneier and David Wagner and Chris Hall},
 journal = {Journal of Computer Security},
 number = {2/3},
 title = {{Side Channel Cryptanalysis of Product Ciphers}},
 volume = {8},
 year = {2000}
}

@inproceedings{Kemerlis2012,
 author = {Kemerlis, Vasileios P. and Portokalidis, Georgios and Keromytis, Angelos D.},
 booktitle = {{USENIX} Security Symposium},
 title = {kGuard: Lightweight Kernel Protection against Return-to-User Attacks},
 year = {2012}
}

@inproceedings{Kemerlis2014,
 author = {Kemerlis, Vasileios P and Polychronakis, Michalis and Keromytis, Angelos D},
 booktitle = {USENIX Security Symposium},
 title = {ret2dir: Rethinking kernel isolation},
 year = {2014}
}

@phdthesis{Kemerlis2015,
 author = {Kemerlis, Vasileios},
 school = {Columbia University},
 title = {Protecting Commodity Operating Systems through Strong Kernel Isolation},
 year = {2015}
}

@misc{Kemp2018internet,
 author = {Simon Kemp},
 title = {{Digitnal In 2018: World's Internet users pass the 4 billion mark}},
 url = {https://wearesocial.com/blog/2018/01/global-digital-report-2018},
 year = {2018}
}

@inproceedings{Kenjar2020v0ltpwn,
 author = {Kenjar, Zijo and Frassetto, Tommaso and Gens, David and Franz, Michael and Sadeghi, Ahmad{-}Reza},
 booktitle = {USENIX Security Symposium},
 title = {{V0LTpwn: Attacking x86 Processor Integrity from Software}},
 year = {2020}
}

@inproceedings{Kennell2003,
 author = {Kennell, Rick and Jamieson, Leah H},
 booktitle = {USENIX Security Symposium},
 title = {{Establishing the Genuinity of Remote Computer Systems}},
 year = {2003}
}

@misc{Kernel2009,
 author = {{kernel.org}},
 title = {Virtual memory map with 4 level page tables (x86\_64)},
 url = {https://www.kernel.org/doc/Documentation/x86/x86_64/mm.txt},
 year = {2009}
}

@misc{Kernel2018speculation,
 author = {{kernel.org}},
 title = {{Documentation: Document array\_index\_nospec - kernel version v4.16-rc1}},
 url = {https://www.kernel.org/doc/Documentation/speculation.txt},
 year = {2018}
}

@misc{Kernel2024THP,
 author = {The kernel development community},
 title = {{Transparent Hugepage Support, Kernel Version 6.12.0-rc6}},
 url = {https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html},
 year = {2024}
}

@misc{Kernel2025spectre_side_channels,
 author = {{kernel.org}},
 title = {{Spectre Side Channels — The Linux Kernel  documentation}},
 url = {https://docs.kernel.org/admin-guide/hw-vuln/spectre.html},
 year = {2025}
}

@misc{Kernel2025speculation_control_interface,
 author = {{kernel.org}},
 title = {{Speculation Control — The Linux Kernel  documentation}},
 url = {https://docs.kernel.org/userspace-api/spec_ctrl.html#set-spec-ctrl},
 year = {2025}
}

@misc{KernelDev2019CoreScheduling,
 author = {The kernel development community},
 title = {Core Scheduling},
 url = {https://docs.kernel.org/admin-guide/hw-vuln/core-scheduling.html},
 year = {2019}
}

@misc{KernelMemoryMap,
 author = {Linux},
 title = {Complete virtual memory map with 4-level page tables},
 url = {https://www.kernel.org/doc/Documentation/x86/x86_64/mm.txt},
 year = {2019}
}

@article{kessler1992page,
 author = {Kessler, Richard E and Hill, Mark D},
 journal = {TOCS},
 title = {Page placement algorithms for large real-indexed caches},
 year = {1992}
}

@article{Kessler1999alpha,
 author = {Kessler, Richard E},
 journal = {IEEE Micro},
 title = {The alpha 21264 microprocessor},
 year = {1999}
}

@incollection{Kessler2011overview,
 author = {Kessler, Gary C and Hosmer, Chet},
 booktitle = {{Advances in Computers}},
 publisher = {Elsevier},
 title = {{An overview of steganography}},
 volume = {83},
 year = {2011}
}

@misc{Kettenis2018BSDHT,
 author = {Kettenis, Mark},
 title = {{CVS: cvs.openbsd.org: src}},
 url = {https://www.mail-archive.com/source-changes@openbsd.org/msg99141.html},
 year = {2018}
}

@article{Keuning2018systematic,
 author = {Keuning, Hieke and Jeuring, Johan and Heeren, Bastiaan},
 journal = {ACM Transactions on Computing Education (TOCE)},
 number = {1},
 title = {A systematic literature review of automated feedback generation for programming exercises},
 volume = {19},
 year = {2018}
}

@misc{KeyDrown2017Github,
 author = {KeyDrown},
 title = {KeyDrown Proof-of-Concept},
 url = {https://github.com/IAIK/keydrown},
 year = {2017}
}

@article{Khan2018,
 author = {Khan, Kashif Nizam and Hirki, Mikael and Niemi, Tapio and Nurminen, Jukka K. and Ou, Zhonghong},
 journal = {ToMPECS},
 title = {{RAPL in Action: Experiences in Using RAPL for Power Measurements}},
 year = {2018}
}

@inproceedings{khan2020spy,
 author = {Khan, Tanvir Ahmed and Sriraman, Akshitha and Devietti, Joseph and Pokam, Gilles and Litz, Heiner and Kasikci, Baris},
 booktitle = {MICRO},
 title = {{I-spy: Context-driven conditional instruction prefetching with coalescing}},
 year = {2020}
}

@inproceedings{khandaker2020coin,
 author = {Khandaker, Mustakimur Rahman and Cheng, Yueqiang and Wang, Zhi and Wei, Tao},
 booktitle = {ASPLOS},
 title = {COIN attacks: On insecurity of enclave untrusted interfaces in SGX},
 year = {2020}
}

@inproceedings{khasawneh2018safespec,
 author = {Khasawneh, Khaled N and Koruyeh, Esmaeil Mohammadian and Song, Chengyu and Evtyushkin, Dmitry and Ponomarev, Dmitry and Abu-Ghazaleh, Nael},
 booktitle = {DAC},
 title = {{SafeSpec: Banishing the Spectre of a Meltdown with Leakage-Free Speculation}},
 year = {2019}
}

@inproceedings{Khatamifard2019powert,
 author = {Khatamifard, S Karen and Wang, Longfei and Das, Amitabh and Kose, Selcuk and Karpuzcu, Ulya R},
 booktitle = {HPCA},
 title = {POWERT channels: A novel class of covert communicationexploiting power management vulnerabilities},
 year = {2019}
}

@inproceedings{Khodayari2023Clobbering,
 author = {Khodayari, Soheil and Pellegrino, Giancarlo},
 booktitle = {S\&P},
 title = {It's (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses},
 year = {2023}
}

@misc{Khronos2018webgl,
 author = {Khronos Group},
 title = {{WebGL Extension Registry}},
 url = {https://www.khronos.org/registry/webgl/extensions/},
 year = {2018}
}

@article{Kim2010Learning,
 author = {Kim, Seong-gon and Kim, Yong-Gi},
 journal = {International Journal of Fuzzy Logic and Intelligent Systems},
 title = {A learning ai algorithm for poker with embedded opponent modeling},
 year = {2010}
}

@inproceedings{Kim2012,
 author = {Kim, Taesoo and Peinado, Marcus and Mainar-Ruiz, Gloria},
 booktitle = {USENIX Security Symposium},
 title = {{StealthMem: system-level protection against cache-based side channel attacks in the cloud}},
 year = {2012}
}

@inproceedings{kim2012stealthmem,
 author = {Kim, Taesoo and Peinado, Marcus and Mainar-Ruiz, Gloria},
 booktitle = {USENIX},
 title = {$\{$STEALTHMEM$\}$:$\{$System-Level$\}$ Protection Against $\{$Cache-Based$\}$ Side Channel Attacks in the Cloud},
 year = {2012}
}

@inproceedings{Kim2013practical,
 author = {Kim, Taesoo and Zeldovich, Nickolai},
 booktitle = {{USENIX ATC}},
 title = {Practical and effective sandboxing for non-root users},
 year = {2013}
}

@inproceedings{Kim2014,
 author = {Kim, Yoongu and Daly, Ross and Kim, Jeremie and Fallin, Chris and Lee, Ji Hye and Lee, Donghyuk and Wilkerson, Chris and Lai, Konrad and Mutlu, Onur},
 booktitle = {ISCA},
 title = {{Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors}},
 year = {2014}
}

@inproceedings{kim2014flipping,
 author = {Kim, Yoongu and Daly, Ross and Kim, Jeremie and Fallin, Chris and Lee, Ji Hye and Lee, Donghyuk and Wilkerson, Chris and Lai, Konrad and Mutlu, Onur},
 booktitle = {ISCA},
 title = {{Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors}},
 year = {2014}
}

@article{Kim2015,
 author = {Kim, Dae-Hyun and Nair, Prashant J and Qureshi, Moinuddin K},
 journal = {IEEE Computer Architecture Letters},
 title = {{Architectural support for mitigating row hammering in {DRAM} memories}},
 volume = {14},
 year = {2015}
}

@article{kim2015ramulator,
 author = {Kim, Yoongu and Yang, Weikun and Mutlu, Onur},
 journal = {IEEE Comput. Archit.},
 title = {{Ramulator: A fast and extensible DRAM simulator}},
 year = {2015}
}

@article{Kim2019,
 author = {Kim, Deokjin and Jang, Daehee and Park, Minjoon and Jeong, Yunjong and Kim, Jonghwan and Choi, Seokjin and Kang, Brent Byunghoon},
 journal = {Computers \& Security},
 publisher = {Elsevier},
 title = {{SGX-LEGO: Fine-grained SGX controlled-channel attack and its countermeasure}},
 volume = {82},
 year = {2019}
}

@article{Kim2019Reinforcing,
 author = {Kim, Taehyun and Shin, Youngjoo},
 journal = {IEEE Access},
 publisher = {IEEE},
 title = {Reinforcing Meltdown Attack by Using a Return Stack Buffer},
 volume = {7},
 year = {2019}
}

@article{kim2020revisiting,
 author = {Jeremie S. Kim and Minesh Patel and Abdullah Giray Yaglik{\c{c}}i and Hasan Hassan and Roknoddin Azizi and Lois Orosa and Onur Mutlu},
 journal = {ISCA},
 title = {{Revisiting RowHammer: An Experimental Analysis of Modern {DRAM} Devices and Mitigation Techniques}},
 year = {2020}
}

@inproceedings{Kim2025Flop,
 author = {Jason Kim and Jalen Chuang and Daniel Genkin and Yuval Yarom},
 booktitle = {{USENIX Security}},
 title = {FLOP: Breaking the Apple M3 CPU via False Load Output Predictions},
 year = {2025}
}

@inproceedings{kim2025slap,
 author = {Jason Kim and Daniel Genkin and Yuval Yarom},
 booktitle = {S\&{P}},
 title = {SLAP: Data Speculation Attacks via Load Address Prediction on Apple Silicon},
 year = {2025}
}

@inproceedings{Kindratenko2009,
 author = {Kindratenko, Volodymyr V. and Enos, Jeremy J. and Shi, Guochun and Showerman, Michael T. and Arnold, Galen W. and Stone, John E. and Phillips, James C. and Hwu, Wen-mei},
 booktitle = {International Conference on Cluster Computing and Workshops},
 title = {{GPU clusters for high-performance computing}},
 year = {2009}
}

@article{King1976Symbolic,
 author = {King, James C},
 journal = {Commun. ACM},
 title = {{Symbolic execution and program testing}},
 year = {1976}
}

@inproceedings{King2006,
 author = {King, S.T. and Chen, P.M.},
 booktitle = {S\&P},
 title = {{SubVirt: implementing malware with virtual machines}},
 year = {2006}
}

@misc{Kinugawa2021data,
 author = {{Masato Kinugawa}},
 title = {{Data Exfiltration via CSS + SVG Font}},
 url = {https://mksben.l0.cm/2021/11/css-exfiltration-svg-font.html},
 year = {2021}
}

@article{kiranyaz20211d,
 author = {Kiranyaz, Serkan and Avci, Onur and Abdeljaber, Osama and Ince, Turker and Gabbouj, Moncef and Inman, Daniel J},
 journal = {Mechanical systems and signal processing},
 title = {1D convolutional neural networks and applications: A survey},
 year = {2021}
}

@inproceedings{Kiriansky2018dawg,
 author = {Kiriansky, Vladimir and Lebedev, Ilia and Amarasinghe, Saman and Devadas, Srinivas and Emer, Joel},
 booktitle = {{MICRO}},
 title = {{DAWG: A Defense Against Cache Timing Attacks in Speculative Execution Processors}},
 year = {2018}
}

@article{Kiriansky2018speculative,
 author = {Kiriansky, Vladimir and Waldspurger, Carl},
 journal = {arXiv:1807.03757},
 title = {{Speculative Buffer Overflows: Attacks and Defenses}},
 year = {2018}
}

@inproceedings{Kirsch2017Combating,
 author = { Julian Kirsch and Clemens Jonischkeit and Thomas Kittel and Apostolis Zarras and Claudia Eckert},
 booktitle = { 32nd International Conference on ICT Systems Security and Privacy Protection (IFIP SEC) },
 month = { May },
 title = { Combating Control Flow Linearization },
 url = {https://www.sec.in.tum.de/i20/publications/combating-control-flow-linearization/@@download/file/CFL.pdf},
 year = { 2017 }
}

@inproceedings{klees2018evaluating,
 author = {Klees, George and Ruef, Andrew and Cooper, Benji and Wei, Shiyi and Hicks, Michael},
 booktitle = {CCS},
 title = {Evaluating fuzz testing},
 year = {2018}
}

@article{klein2005dom,
 author = {Klein, Amit},
 booktitle = {Web Application Security Consortium, Articles},
 title = {DOM based cross site scripting or XSS of the third kind},
 year = {2005}
}

@inproceedings{Klein2009sel4,
 author = {Klein, Gerwin and Elphinstone, Kevin and Heiser, Gernot and Andronick, June and Cock, David and Derrin, Philip and Elkaduwe, Dhammika and Engelhardt, Kai and Kolanski, Rafal and Norrish, Michael and others},
 booktitle = {SOSP},
 title = {{seL4: Formal verification of an OS kernel}},
 year = {2009}
}

@inproceedings{Klein2019,
 author = {Amit Klein and Benny Pinkas},
 booktitle = {{USENIX} Security},
 title = {From {IP} {ID} to Device {ID} and {KASLR} Bypass},
 year = {2019}
}

@inproceedings{Klein2024Parse,
 author = {Klein, David and Johns, Martin},
 booktitle = {IEEE Symposium on Security and Privacy (SP)},
 title = {{Parse Me, Baby, One More Time: Bypassing HTML Sanitizer via Parsing Differentials}},
 year = {2024}
}

@article{knodel2024definition,
 author = {Knodel, Mallory and Celi, Sof{\'\i}a and Kolkman, Olaf and Grover, Gurshabad},
 journal = {Cryptology ePrint Archive},
 title = {Definition of End-to-end Encryption},
 year = {2024}
}

@article{Knuth1977Fast,
 author = {Knuth, Donald E. and Morris, Jr., James H. and Pratt, Vaughan R.},
 journal = {SIAM Journal on Computing},
 title = {Fast Pattern Matching in Strings},
 year = {1977}
}

@article{Kobojek2016,
 author = {Kobojek, Pawel and Saeed, Khalid},
 journal = {Journal of Telecommunications and Information Technology},
 number = {3},
 title = {{Application of Recurrent Neural Networks for User Verification based on Keystroke Dynamics}},
 year = {2016}
}

@inproceedings{koc2023selection,
 author = {Koc, Kapotoglu and Altilar, Melis and Turgay, Deniz},
 booktitle = {ACM Workshop on Secure and Trustworthy Cyber-Physical Systems},
 title = {Selection of Best Fit Hardware Performance Counters to Detect Cache Side-Channel Attacks},
 year = {2023}
}

@inproceedings{Koch2024stars,
 author = {Simon Koch AND David Klein AND Martin Johns},
 booktitle = {Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb)},
 title = {{The Fault in Our Stars: An Analysis of GitHub Stars as an Importance Metric for Web Source Code}},
 year = {2024}
}

@inproceedings{Kocher1996,
 author = {Kocher, Paul C.},
 booktitle = {CRYPTO},
 title = {{Timing Attacks on Implementations of Diffe-Hellman, RSA, DSS, and Other Systems}},
 year = {1996}
}

@inproceedings{Kocher1999,
 author = {Kocher, Paul C. and Jaffe, Joshua and Jun, Benjamin},
 booktitle = {CRYPTO'99},
 title = {{Differential Power Analysis}},
 year = {1999}
}

@article{kocher2011introduction,
 author = {Kocher, Paul and Jaffe, Joshua and Jun, Benjamin and Rohatgi, Pankaj},
 journal = {Journal of Cryptographic Engineering},
 title = {{Introduction to Differential Power Analysis}},
 year = {2011}
}

@misc{Kocher2018mitigations,
 author = {Paul Kocher},
 title = {{Spectre Mitigations in Microsoft's C/C++ Compiler}},
 year = {2018}
}

@article{Kocher2018website,
 author = {Paul Kocher and Jann Horn and Anders Fogh and Daniel Genkin and Daniel Gruss and Werner Haas and Mike Hamburg and Moritz Lipp and Stefan Mangard and Thomas Prescher and Michael Schwarz and Yuval Yarom},
 title = {Meltdown and Spectre},
 url = {https://spectreattack.com},
 year = {2018}
}

@inproceedings{Kocher2019,
 author = {Paul Kocher and Jann Horn and Anders Fogh and Daniel Genkin and Daniel Gruss and Werner Haas and Mike Hamburg and Moritz Lipp and Stefan Mangard and Thomas Prescher and Michael Schwarz and Yuval Yarom},
 booktitle = {S\&P},
 title = {{Spectre Attacks: Exploiting Speculative Execution}},
 year = {2019}
}

@inproceedings{Koehn2010Fast,
 author = {Koehn, Philipp and Senellart, Jean},
 booktitle = {Conference of the Association for Machine Translation in the Americas},
 title = {{Fast Approximate String Matching with Suffix Arrays and A* Parsing}},
 year = {2010}
}

@inproceedings{Koepf2012automatic,
 author = {K{\"o}pf, Boris and Mauborgne, Laurent and Ochoa, Mart{\'\i}n},
 booktitle = {CAV},
 title = {Automatic quantification of cache side-channels},
 year = {2012}
}

@inproceedings{Kogler2022halfdouble,
 author = {Kogler, Andreas and Juffinger, Jonas and Qazi, Salman and Kim, Yoongu and Lipp, Moritz and Boichat, Nicolas and Shiu, Eric and Nissler, Mattias and Gruss, Daniel},
 booktitle = {USENIX Security Symposium},
 title = {{Half-Double: Hammering From the Next Row Over}},
 year = {2022}
}

@inproceedings{Kogler2022Minefield,
 author = {Andreas Kogler and Daniel Gruss and Michael Schwarz},
 booktitle = {USENIX Security},
 title = {{Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks}},
 year = {2022}
}

@misc{Kogler2022msranon,
 author = {{Anonymous}},
 title = {{Anonymized for Double Blind Submission}},
 url = {},
 year = {2022}
}

@inproceedings{Kogler2022MSRTemplating,
 author = {Kogler, Andreas and Weber, Daniel and Haubenwallner, Martin and Lipp, Moritz and Gruss, Daniel and Schwarz, Michael},
 booktitle = {S\&P},
 title = {{Finding and Exploiting CPU Features using MSR Templating}},
 year = {2022}
}

@inproceedings{Kogler2023CollidePower,
 author = {Andreas Kogler and Jonas Juffinger and Lukas Giner and Lukas Gerlach and Martin Schwarzl and Michael Schwarz and Daniel Gruss and Stefan Mangard},
 booktitle = {{USENIX Security}},
 title = {{Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels}},
 year = {2023}
}

@inproceedings{Kohlbrenner2016,
 author = {David Kohlbrenner and Hovav Shacham},
 booktitle = {USENIX Security Symposium},
 title = {Trusted Browsers for Uncertain Times},
 year = {2016}
}

@inproceedings{Kohno2005,
 author = {Kohno, Tadayoshi and Broido, Andre and Claffy, K.C.},
 booktitle = {IEEE Transactions on Dependable and Secure Computing},
 number = {2},
 title = {{Remote Physical Device Fingerprinting}},
 volume = {2},
 year = {2005}
}

@article{Kong2008,
 author = {Kong, Jingfei and Ac\i{}i\c{c}mez, Onur and Seifert, Jean-Pierre and Zhou, Huiyang},
 journal = {Proceedings of the 2nd ACM Computer Security Architectures Workshop (CSAW'08)},
 location = {New York, New York, USA},
 title = {{Deconstructing new cache designs for thwarting software cache-based side channel attacks}},
 year = {2008}
}

@inproceedings{Kong2009,
 author = {Kong, Jingfei and Ac\i{}i\c{c}mez, Onur and Seifert, Jean-Pierre and Zhou, Huiyang},
 booktitle = {IEEE International Symposium on High Performance Computer Architecture (HPCA'09)},
 title = {{Hardware-software integrated approaches to defend against software cache-based side channel attacks}},
 year = {2009}
}

@inproceedings{Konighofer2008,
 author = {Robert K\"{o}nighofer},
 booktitle = {CT-RSA},
 title = {A Fast and Cache-Timing Resistant Implementation of the {AES}},
 year = {2008}
}

@inproceedings{Konoth2018zebram,
 author = {Konoth, Radhesh Krishnan and Oliverio, Marco and Tatar, Andrei and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},
 booktitle = {OSDI},
 title = {{ZebRAM}: Comprehensive and compatible software protection against rowhammer attacks},
 year = {2018}
}

@inproceedings{Kontaxis2013sauth,
 author = {Kontaxis, Georgios and Athanasopoulos, Elias and Portokalidis, Georgios and Keromytis, Angelos D},
 booktitle = {{CCS'13}},
 title = {{SAuth: protecting user accounts from password database leaks}},
 year = {2013}
}

@inproceedings{Koopman1997,
 author = {Koopman, Philip and Sung, John and Dingman, Christopher and Siewiorek, Daniel and Marz, Ted},
 booktitle = {{16th Symposium on Reliable Distributed Systems}},
 title = {{Comparing operating systems using robustness benchmarks}},
 year = {1997}
}

@inproceedings{Koppe2017ucode,
 author = {Koppe, Philipp and Kollenda, Benjamin and Fyrbiak, Marc and Kison, Christian and Gawlik, Robert and Paar, Christof and Holz, Thorsten},
 booktitle = {USENIX Security Symposium},
 title = {Reverse Engineering x86 Processor Microcode.},
 year = {2017}
}

@article{Korkin2018,
 author = {Korkin, Igor},
 journal = {arXiv:1812.09920},
 title = {{Divide et Impera: MemoryRanger Runs Drivers in Isolated Kernel Spaces}},
 year = {2018}
}

@inproceedings{Korobeynikov2007,
 author = {Korobeynikov, Anton},
 booktitle = {SYRCoSE},
 month = {May},
 title = {Improving Switch Lowering for The LLVM Compiler System},
 year = {2007}
}

@inproceedings{Koruyeh2018spectre5,
 author = {Koruyeh, Esmaeil Mohammadian and Khasawneh, Khaled and Song, Chengyu and Abu-Ghazaleh, Nael},
 booktitle = {{WOOT}},
 title = {{Spectre Returns! Speculation Attacks using the Return Stack Buffer}},
 year = {2018}
}

@inproceedings{Koruyeh2020,
 author = {Koruyeh, Esmaeil Mohammadian and Shirazi, Shirin Haji Amin and Khasawneh, Khaled N and Song, Chengyu and Abu-Ghazaleh, Nael},
 booktitle = {S\&P},
 title = {{SPECCFI: Mitigating Spectre Attacks using CFI Informed Speculation}},
 year = {2020}
}

@inproceedings{kosasih2024pmc,
 author = {Kosasih, William and Feng, Yusi and Chuengsatiansup, Chitchanok and Yarom, Yuval and Zhu, Ziyuan},
 booktitle = {AsiaCCS},
 title = {{SoK: Can We Really Detect Cache Side-Channel Attacks by Monitoring Performance Counters?}},
 year = {2024}
}

@inproceedings{koschel2020,
 author = {Koschel, Jakob and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
 booktitle = {{EuroS}\&{P}},
 title = {{TagBleed: Breaking KASLR on the Isolated Kernel Address Space Using Tagged TLBs}},
 year = {2020}
}

@inproceedings{Koschel2020,
 author = {Koschel, Jakob and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
 booktitle = {{EuroS}\&{P}},
 title = {{TagBleed: Breaking KASLR on the Isolated Kernel Address Space Using Tagged TLBs}},
 year = {2020}
}

@misc{Kosina18stibppatch,
 author = {Kosina, Jiri},
 month = {September},
 title = {{x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation}},
 year = {2018}
}

@inproceedings{kou2021loadstep,
 author = {Kou, Zili and He, Wenjian and Sinha, Sharad and Zhang, Wei},
 booktitle = {DAC},
 title = {Load-step: A precise trustzone execution control framework for exploring new side-channel attacks like flush+ evict},
 year = {2021}
}

@inproceedings{Kouwe2017,
 author = {van der Kouwe, Erik and Nigade, Vinod and Giuffrida, Cristiano},
 booktitle = {{EuroSys'17}},
 title = {{DangSan: Scalable Use-after-free Detection.}},
 year = {2017}
}

@misc{KPTI3.16.53,
 author = {Ben Hutchings},
 title = {{Linux 3.16.53}},
 url = {https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.53},
 year = {2018}
}

@misc{KPTI4.14.11,
 author = {Greg Kroah-Hartman},
 title = {{Linux 4.14.11}},
 url = {https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11},
 year = {2018}
}

@misc{KPTI4.4.110,
 author = {Greg Kroah-Hartman},
 title = {{Linux 4.4.110}},
 url = {https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.110},
 year = {2018}
}

@misc{KPTI4.9.75,
 author = {Greg Kroah-Hartman},
 title = {{Linux 4.9.75}},
 url = {https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.75},
 year = {2018}
}

@misc{Krahmer2005,
 author = {Krahmer, Sebastian},
 title = {{x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique}},
 year = {2005}
}

@report{Krapf2007,
 author = {Krapf, Andr\'{e}s},
 institution = {INRIA},
 location = {Sophia Antipolis},
 title = {{XEN Memory Management (Intel IA-32)}},
 type = {techreport},
 year = {2007}
}

@inproceedings{Krautter2018,
 author = {Krautter, Jonas and Gnad, Dennis and Tahoori, Mehdi},
 booktitle = {CHES},
 title = {{FPGAhammer: Remote Voltage Fault Attacks on Shared FPGAs, suitable for DFA on AES}},
 year = {2018}
}

@article{Krawiecka2017,
 author = {Krawiecka, Klaudia and Kurnikov, Arseny and Paverd, Andrew and Mannan, Mohammad and Asokan, N},
 journal = {arXiv:1709.01261},
 title = {Protecting Web Passwords from Rogue Servers using Trusted Execution Environments},
 year = {2017}
}

@misc{Kris2019msr1a1,
 author = {Z, Kris},
 title = {{How to determine cause of processor frequency scale down to ~200 MHz due to ThermStatus}},
 url = {https://software.intel.com/en-us/forums/software-tuning-performance-optimization-platform-monitoring/topic/815194},
 year = {2019}
}

@inproceedings{Kruegel2005,
 author = {Kruegel, Christopher and Kirda, Engin and Mutz, Darren and Robertson, William and Vigna, Giovanni},
 booktitle = {{USENIX} Security Symposium},
 title = {{Automating Mimicry Attacks Using Static Binary Analysis}},
 year = {2005}
}

@inproceedings{Kuhn2005,
 author = {K\"{u}hn, Ulrich and Kursawe, Klaus and Lucks, Stefan and Sadeghi, Ahmad-Reza and St\"{u}ble, Christian},
 booktitle = {Proceedings of the 7th Workshop on Cryptographic Hardware and Embedded Systems (CHES 2005)},
 title = {{Secure Data Management in Trusted Computing}},
 year = {2005}
}

@inproceedings{kursawe2005analyzing,
 author = {Klaus Kursawe and Dries Schellekens and Bart Preneel},
 booktitle = {In: ECRYPT Workshop, CRASH – CRyptographic Advances in Secure Hardware},
 title = {{Analyzing trusted platform communication}},
 year = {2005}
}

@inproceedings{Kurth2020netcat,
 author = {Kurth, Michael and Gras, Ben and Andriesse, Dennis and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
 booktitle = {S\&P},
 title = {{NetCAT: Practical cache attacks from the network}},
 year = {2020}
}

@article{Kushner2013real,
 author = {Kushner, David},
 journal = {{IEEE} Spectrum},
 number = {3},
 publisher = {IEEE},
 title = {{The real story of stuxnet}},
 volume = {50},
 year = {2013}
}

@inproceedings{Kuvaiskii2016,
 author = {Kuvaiskii, Dmitrii and Faqeh, Rasha and Bhatotia, Pramod and Felber, Pascal and Fetzer, Christof},
 booktitle = {EuroSys},
 title = {HAFT: Hardware-assisted fault tolerance},
 year = {2016}
}

@inproceedings{Kuznetsov2014CPI,
 author = {Kuznetsov, Volodymyr and Szekeres, L{\'a}szl{\'o} and Payer, Mathias and Candea, George and Sekar, R and Song, Dawn},
 booktitle = {{OSDI}},
 title = {{Code-Pointer Integrity}},
 year = {2014}
}

@misc{KVAShadow2018,
 author = {Ken Johnson},
 month = {Mar},
 title = {{KVA Shadow: Mitigating Meltdown on Windows}},
 url = {https://blogs.technet.microsoft.com/srd/2018/03/23/kva-shadow-mitigating-meltdown-on-windows/},
 year = {2018}
}

@misc{kvm_linux,
 author = {KVM contributors},
 title = {{Kernel-based Virtual Machine}},
 url = {https://www.linux-kvm.org},
 year = {2019}
}

@misc{kvm_register_clearing,
 author = {{Elixir bootlin}},
 url = {{https://elixir.bootlin.com/linux/latest/source/arch/x86/kvm/svm.c#L5700}},
 year = {2018}
}

@misc{kvm_svm_support,
 author = {{Linux}},
 title = {KVM support for AMD-V (SVM)},
 url = {https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/x86/kvm/svm.c},
 year = {2019}
}

@inproceedings{Kwon2003Aria,
 author = {Kwon, Daesung and Kim, Jaesung and Park, Sangwoo and Sung, Soo Hak and Sohn, Yaekwon and Song, Jung Hwan and Yeom, Yongjin and Yoon, E-Joong and Lee, Sangjin and Lee, Jaewon and others},
 booktitle = {Inscrypt},
 title = {New block cipher: ARIA},
 year = {2003}
}

@inproceedings{kwon2003new,
 author = {Kwon, Daesung and Kim, Jaesung and Park, Sangwoo and Sung, Soo Hak and Sohn, Yaekwon and Song, Jung Hwan and Yeom, Yongjin and Yoon, E-Joong and Lee, Sangjin and Lee, Jaewon and others},
 booktitle = {International conference on information security and cryptology},
 title = {New block cipher: ARIA},
 year = {2003}
}

@inproceedings{kwon2019uxom,
 author = {Kwon, Donghyun and Shin, Jangseop and Kim, Giyeol and Lee, Byoungyoung and Cho, Yeongpil and Paek, Yunheung},
 booktitle = {USENIX Security},
 title = {{uXOM}: Efficient {eXecute-Only} Memory on {ARM} {Cortex-M}},
 year = {2019}
}

@inproceedings{Kwong2020,
 author = {Kwong, Andrew and Genkin, Daniel and Gruss, Daniel and Yarom, Yuval},
 booktitle = {S\&P},
 title = {{RAMBleed: Reading Bits in Memory Without Accessing Them}},
 year = {2020}
}

@inproceedings{Ladakis2013,
 author = {Ladakis, Evangelos and Koromilas, Lazaros and Vasiliadis, Giorgos and Polychronakis, Michalis and Ioannidis, Sotiris},
 booktitle = {Proceedings of the 6th European Workshop on Systems Security (EuroSec'13)},
 title = {{You Can Type, but You Can't Hide: A Stealthy GPU-based Keylogger}},
 year = {2013}
}

@inproceedings{Laeufer2023rtlcoverage,
 author = {Laeufer, Kevin and Iyer, Vighnesh and Biancolin, David and Bachrach, Jonathan and Nikoli{\'c}, Borivoje and Sen, Koushik},
 booktitle = {ASPLOS},
 title = {Simulator independent coverage for RTL hardware languages},
 year = {2023}
}

@inproceedings{Lagar-Cavilla2007,
 author = {Lagar-Cavilla, H. Andres and Tolia, Niraj and Satyanarayanan, M. and de Lara, Eyal},
 booktitle = {Proceedings of the 3rd international conference on Virtual execution environments (VEE'07)},
 title = {{VMM-independent graphics acceleration}},
 year = {2007}
}

@book{lam2008hardware,
 author = {Lam, William K},
 publisher = {Prentice Hall PTR},
 title = {Hardware design verification: simulation and formal method-based approaches},
 year = {2008}
}

@misc{lam2024Opcache,
 author = {Chester Lam},
 title = {Turning off Zen 4's Op Cache for Curiosity and Giggles},
 url = {https://chipsandcheese.com/p/turning-off-zen-4s-op-cache-for-curiosity},
 year = {2024}
}

@article{Lampson1973,
 author = {Lampson, Butler W},
 journal = {Communications of the ACM},
 number = {10},
 pages = {613--615},
 publisher = {ACM},
 title = {{A note on the confinement problem}},
 volume = {16},
 year = {1973}
}

@inproceedings{Lan2015loop,
 author = {Lan, Bingchen and Li, Yan and Sun, Hao and Su, Chao and Liu, Yao and Zeng, Qingkai},
 booktitle = {IEEE Trustcom/BigDataSE/ISPA},
 title = {Loop-oriented programming: a new code reuse attack to bypass modern defenses},
 year = {2015}
}

@inproceedings{lang2023blaster,
 author = {Lang, Zhenrong and Jattke, Patrick and Marazzi, Michele and Razavi, Kaveh},
 booktitle = {Workshop on DRAM Security (DRAMSec)},
 title = {BLASTER: Characterizing the Blast Radius of Rowhammer},
 year = {2023}
}

@misc{Langley2014Revocation,
 author = {{Adam Langley}},
 title = {{Revocation still doesn't work}},
 url = {https://www.imperialviolet.org/2014/04/29/revocationagain.html},
 year = {2014}
}

@misc{Langley2023ctgrind,
 author = {Adam Langley},
 title = {{Checking that functions are constant time with Valgrind}},
 url = {{https://github.com/agl/ctgrind}},
 year = {2023}
}

@article{Langner2011stuxnet,
 author = {Langner, Ralph},
 journal = {IEEE Security \& Privacy},
 number = {3},
 pages = {49--51},
 publisher = {IEEE},
 title = {{Stuxnet: Dissecting a cyberwarfare weapon}},
 volume = {9},
 year = {2011}
}

@misc{Lanteigne2016,
 author = {Mark Lanteigne},
 title = {{How Rowhammer Could Be Used to Exploit Weaknesses in Computer Hardware}},
 url = {http://www.thirdio.com/rowhammer.pdf},
 year = {2016}
}

@inproceedings{Laor2022drawnapart,
 author = {Laor, Tomer and Mehanna, Naif and Durey, Antonin and Dyadyuk, Vitaly and Laperdrix, Pierre and Maurice, Cl{\'e}mentine and Oren, Yossi and Rouvoy, Romain and Rudametkin, Walter and Yarom, Yuval},
 booktitle = {Network and Distributed System Security Symposium},
 title = {DRAWNAPART: A Device Identification Technique based on Remote GPU Fingerprinting},
 year = {2022}
}

@inproceedings{laperdrix2015mitigating,
 author = {Laperdrix, Pierre and Rudametkin, Walter and Baudry, Benoit},
 booktitle = {SEAMS},
 title = {{Mitigating browser fingerprint tracking: multi-level reconfiguration and diversification}},
 year = {2015}
}

@inproceedings{Laperdrix2016,
 author = {Laperdrix, Pierre and Rudametkin, Walter and Baudry, Benoit},
 booktitle = {{S\&P}},
 title = {{Beauty and the beast: Diverting modern web browsers to build unique browser fingerprints}},
 year = {2016}
}

@inproceedings{Laperdrix2017fprandom,
 author = {Laperdrix, Pierre and Baudry, Benoit and Mishra, Vikas},
 booktitle = {{ESSoS}},
 title = {{FPRandom: Randomizing core browser objects to break advanced device fingerprinting techniques}},
 year = {2017}
}

@inproceedings{Laperdrix2020survey,
 author = {Laperdrix, Pierre and Bielova, Nataliia and Baudry, Benoit and Avoine, Gildas},
 booktitle = {{ACM Transactions on the Web}},
 title = {Browser Fingerprinting: A Survey},
 year = {2020}
}

@inproceedings{Laperdrix2021,
 author = {Pierre Laperdrix and Oleksii Starov and Quan Chen and Alexandros Kapravelos and Nick Nikiforakis},
 booktitle = {{USENIX} Security Symposium},
 title = {Fingerprinting in Style: Detecting Browser Extensions via Injected Style Sheets},
 year = {2021}
}

@article{larabel2011phoronix,
 author = {Larabel, Michael and Tippett, Matthew},
 note = {Accessed 2024-08-03},
 title = {Phoronix Test Suite},
 url = {https://www.phoronix-test-suite.com/},
 year = {2011}
}

@misc{Larabel2018cost,
 author = {Larabel, Michael},
 title = {{The Performance Cost Of Spectre / Meltdown / Foreshadow Mitigations On Linux 4.19}},
 year = {2018}
}

@misc{Larabel2018stibp,
 author = {Larabel, Michael},
 month = {November},
 title = {{Bisected: The Unfortunate Reason Linux 4.20 Is Running Slower}},
 year = {2018}
}

@misc{Larabel2021TSX,
 author = {{Michael Larabel}},
 month = {June},
 title = {{Intel To Disable TSX By Default On More CPUs With New Microcode}},
 url = {https://www.phoronix.com/scan.php?page=news_item&px=Intel-TSX-Off-New-Microcode},
 year = {2021}
}

@misc{Larabel2022FGKASLR_v10,
 author = {Michael Larabel},
 title = {{FGKASLR Patches Revised A 10th Time For Improving Linux Kernel Security}},
 url = {https://www.phoronix.com/news/FGKASLR-Linux-v10},
 year = {2022}
}

@inproceedings{Larsen2014,
 author = {Larsen, Per and Homescu, Andrei and Brunthaler, Stefan and Franz, Michael},
 journal = {S\&P'14},
 title = {SoK: Automated software diversity},
 year = {2014}
}

@misc{LaserWorkshop,
 author = {LASER Committee},
 title = {{The LASER Workshop: Learning from Authoritative Security Experiment Results}},
 url = {http://laser-workshop.org/index.html},
 year = {2020}
}

@inproceedings{Lattner2004,
 author = {Chris Lattner and Vikram S. Adve},
 booktitle = {{IEEE} / {ACM} International Symposium on Code Generation and Optimization -- {CGO}},
 title = {{LLVM:} {A} Compilation Framework for Lifelong Program Analysis {\&} Transformation},
 year = {2004}
}

@inproceedings{Lauradoux2005,
 author = {Lauradoux, C\'{e}dric},
 booktitle = {Proceedings of Western European Workshop on Research in Cryptology (WEWoRC 2005)},
 pages = {76--85},
 title = {{Collision attacks on processors with cache and countermeasures}},
 year = {2005}
}

@inproceedings{Lauradoux2008,
 author = {Lauradoux, C\'{e}dric},
 booktitle = {Proceedings of the 17th Annual European Institute for Computer Anti-Virus Research (EICAR'08)},
 title = {{Detecting Virtual Rootkits with Cover Channels}},
 year = {2008}
}

@inproceedings{Lavoie2014,
 author = {Lavoie, Erick and Dufour, Bruno and Feeley, Marc},
 booktitle = {{European Conference on Object-Oriented Programming}},
 title = {{Portable and efficient run-time monitoring of javascript applications using virtual machine layering}},
 year = {2014}
}

@article{Lawall2008wysiwib,
 author = {Lawall, Julia and Brunel, Julien and Hansen, Ren{\'e} and Stuart, Henrik and Muller, Gilles},
 title = {{WYSIWIB: A declarative approach to finding protocols and bugs in Linux code}},
 year = {2008}
}

@article{Lawson2009,
 author = {Lawson, Nate},
 journal = {IEEE Security \& Privacy},
 number = {6},
 pages = {65--68},
 title = {{Side channel attacks on cryptographic software}},
 volume = {7},
 year = {2009}
}

@article{Lawton1996bochs,
 author = {Lawton, Kevin P},
 journal = {Linux Journal},
 title = {{Bochs: A portable PC emulator for UNIX/X}},
 year = {1996}
}

@inproceedings{lazzeri2025s4v,
 author = {Lazzeri, Elia and Colella, Matteo and Furano, Gianluca and Cassano, Luca},
 booktitle = {DDECS},
 title = {S4V: A Benchmark Suite of Transient Execution Attacks for RISC-V Processors},
 year = {2025}
}

@manual{LD_PRELOAD,
 title = {{ld.so(8) Linux Programmer's Manual}},
 url = {http://man7.org/linux/man-pages/man8/ld.so.8.html},
 year = {2016}
}

@misc{Leander2024Divide,
 author = {Robin Leander Schröder and Stefan Gast and Qian Guo},
 howpublished = {Cryptology ePrint Archive},
 title = {Divide and Surrender: Exploiting Variable Division Instruction Timing in HQC Key Recovery Attacks},
 year = {2024}
}

@misc{Ledger2017,
 author = {{Nicolas Bacca}},
 no-url = {https://www.ledger.fr/2017/05/22/soft-launching-ledger-sgx-enclave/},
 title = {Soft launching Ledger {SGX} Enclave},
 year = {2017}
}

@inproceedings{Lee2014stealing,
 author = {Lee, Sangho and Kim, Youngsok and Kim, Jangwoo and Kim, Jong},
 booktitle = {S\&P},
 title = {Stealing webpages rendered on your browser by exploiting GPU vulnerabilities},
 year = {2014}
}

@article{Lee2015typing,
 author = {Lee, Po-Ming and Tsui, Wei-Hsuan and Hsiao, Tzu-Chien},
 journal = {PLOS ONE},
 pages = {1--16},
 publisher = {Public Library of Science},
 title = {{The Influence of Emotion on Keyboard Typing: An Experimental Study Using Auditory Stimuli}},
 volume = {10},
 year = {2015}
}

@inproceedings{Lee2015uaf,
 author = {Lee, Byoungyoung and Song, Chengyu and Jang, Yeongjin and Wang, Tielei and Kim, Taesoo and Lu, Long and Lee, Wenke},
 booktitle = {{NDSS'15}},
 title = {{Preventing Use-after-free with Dangling Pointers Nullification.}},
 year = {2015}
}

@inproceedings{Lee2016,
 author = {Lee, Doowon and Kolan, Tom and Morgenshtein, Arkadiy and Sokhin, Vitali and Morad, Ronny and Ziv, Avi and Bertacco, Valeria},
 booktitle = {{DAC}},
 title = {{Probabilistic Bug-Masking Analysis for Post-Silicon Tests in Microprocessor Verification}},
 year = {2016}
}

@inproceedings{Lee2017Inferring,
 author = {Sangho Lee and Ming{-}Wei Shih and Prasun Gera and Taesoo Kim and Hyesoon Kim and Marcus Peinado},
 booktitle = {USENIX Security Symposium},
 title = {{Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing}},
 year = {2017}
}

@inproceedings{Lee2017SGXROP,
 author = {Lee, Jaehyuk and Jang, Jinsoo and Jang, Yeongjin and Kwak, Nohyun and Choi, Yeseul and Choi, Changho and Kim, Taesoo and Peinado, Marcus and Kang, Brent Byunghoon},
 booktitle = {USENIX Security Symposium},
 title = {{Hacking in Darkness: Return-oriented Programming against Secure Enclaves}},
 year = {2017}
}

@article{Lee2019,
 author = {Lee, Dayeol and Jung, Dongha and Fang, Ian T and Tsai, Chia-Che and Popa, Raluca Ada},
 journal = {arXiv:1912.01701},
 title = {An Off-Chip Attack on Hardware Enclaves via the Memory Bus},
 year = {2019}
}

@inproceedings{lee2019twice,
 author = {Lee, Eojin and Kang, Ingab and Lee, Sukhan and Suh, G Edward and Ahn, Jung Ho},
 booktitle = {ISACA},
 title = {TWiCe: Preventing row-hammering by exploiting time window counters},
 year = {2019}
}

@article{lee2021detection,
 author = {Lee, Minkyung and Kwak, Jin},
 journal = {CMC},
 title = {{Detection Technique of Software-Induced Rowhammer Attacks}},
 year = {2021}
}

@article{lee2021dove,
 author = {Lee, Hyun Bin and Jois, Tushar M and Fletcher, Christopher W and Gunter, Carl A},
 journal = {arXiv preprint arXiv:2102.05195},
 title = {DOVE: A data-oblivious virtual environment},
 year = {2021}
}

@article{LeeDynamicBranchPrediction,
 author = {Lee, Ben and Malishevsky, A and Beck, D and Schmid, A and Landry, E},
 journal = {Oregon State University},
 title = {Dynamic Branch Prediction}
}

@misc{lei2024npm,
 author = {Lei, Zongmin},
 title = {{NPM Package - xss}},
 url = {{https://www.npmjs.com/package/xss}},
 year = {2024}
}

@article{Leitch2013process,
 author = {Leitch, John},
 title = {Process hollowing},
 year = {2013}
}

@inproceedings{Lekies2017Code,
 author = {Lekies, Sebastian and Kotowicz, Krzysztof and Gro{\ss}, Samuel and Vela Nava, Eduardo A and Johns, Martin},
 booktitle = {{CCS}},
 title = {Code-Reuse Attacks for the Web: Breaking Cross-Site Scripting Mitigations via Script Gadgets},
 year = {2017}
}

@misc{Lemberg2025Freetype,
 author = {Werner Lemberg},
 title = {{The FreeType Auto-Hinter}},
 url = {https://freetype.org/index.html},
 year = {2025}
}

@misc{Lendacky2017,
 author = {Tom Lendacky},
 title = {{[PATCH] x86/cpu, x86/pti: Do not enable PTI on AMD processors}},
 url = {https://lkml.org/lkml/2017/12/27/2},
 year = {2017}
}

@misc{Lengstorf2019,
 author = {Jason Lengstorf},
 title = {{Automation + Control: Progressive Disclosure of Complexity}},
 url = {https://lengstorf.com/progressive-disclosure-of-complexity/},
 year = {2019}
}

@misc{Lenovo2015,
 author = {{Lenovo}},
 title = {{Row Hammer Privilege Escalation}},
 url = {https://support.lenovo.com/us/en/product_security/row_hammer},
 year = {2015}
}

@article{lenstra1987factoring,
 author = {Lenstra Jr, Hendrik W},
 journal = {Annals of mathematics},
 title = {{Factoring integers with elliptic curves}},
 year = {1987}
}

@article{Leroy2009formal,
 author = {Leroy, Xavier},
 journal = {Communications of the ACM},
 number = {7},
 title = {Formal verification of a realistic compiler},
 volume = {52},
 year = {2009}
}

@misc{Levantovsky2024WOFF,
 author = {Vladimir Levantovsky},
 title = {WOFF File Format 2.0},
 url = {https://www.w3.org/TR/2024/REC-WOFF2-20240808/},
 year = {2024}
}

@inproceedings{Levenshtein1966Binary,
 author = {Levenshtein, Vladimir I},
 booktitle = {Soviet physics doklady},
 pages = {707},
 title = {Binary codes capable of correcting deletions, insertions and reversals},
 volume = {10},
 year = {1966}
}

@inproceedings{Lever2016,
 author = {Lever, Chaz and Walls, Robert and Nadji, Yacin and Dagon, David and McDaniel, Patrick and Antonakakis, Manos},
 booktitle = {IEEE Symposium on Security and Privacy (SP)},
 title = {{Domain-Z: 28 registrations later measuring the exploitation of residual trust in domains}},
 year = {2016}
}

@misc{Leverich2014mutilate,
 author = {Leverich, Jacob},
 title = {Mutilate: high-performance memcached load generator},
 url = {https://github.com/leverich/mutilate},
 year = {2014}
}

@book{Levin2012,
 author = {Levin, Jonathan},
 publisher = {John Wiley \& Sons},
 title = {Mac OS X and IOS Internals: To the Apple's Core},
 year = {2012}
}

@article{Lhee2005racecondition,
 author = {Lhee, Kyung-Suk and Chapin, Steve J},
 journal = {International Journal of Information Security},
 number = {1},
 title = {{Detection of file-based race conditions}},
 volume = {4},
 year = {2005}
}

@inproceedings{Li2007Usable,
 author = {Li, Ninghui and Mao, Ziqing and Chen, Hong},
 booktitle = {S\&P},
 title = {Usable Mandatory Integrity Protection for Operating Systems},
 year = {2007}
}

@inproceedings{Li2013software,
 author = {Li, Hongzhe and Kim, Taebeom and Bat-Erdene, Munkhbayar and Lee, Heejo},
 booktitle = {International Conference on Availability, Reliability and Security},
 title = {Software vulnerability detection using backward trace analysis and symbolic execution},
 year = {2013}
}

@inproceedings{Li2014,
 author = {Li, Yanlin and McCune, Jonathan and Newsome, James and Perrig, Adrian and Baker, Brandon and Drewry, Will},
 booktitle = {USENIX ATC},
 title = {MiniBox: A two-way sandbox for x86 native code},
 year = {2014}
}

@inproceedings{Li2018online,
 author = {Li, Congmiao and Gaudiot, Jean-Luc},
 booktitle = {Symposium on Computer Architecture and High Performance Computing (SBAC-PAD)},
 title = {Online detection of spectre attacks using microarchitectural traces from performance counters},
 year = {2018}
}

@inproceedings{Li2019coloring,
 author = {Li, Haifeng and Lu, Tianyue and Liu, Yuhang and Chen, Mingyu},
 booktitle = {ICPADS},
 title = {Make Page Coloring More Efficient on Slice-based Three-Level Cache},
 year = {2019}
}

@inproceedings{Li2019Conditional,
 author = {Li, Peinan and Zhao, Lutan and Hou, Rui and Zhang, Lixin and Meng, Dan},
 booktitle = {HPCA},
 title = {Conditional Speculation: An effective approach to safeguard out-of-order execution against spectre attacks},
 year = {2019}
}

@inproceedings{li2019detecting,
 author = {Li, Congmiao and Gaudiot, Jean-Luc},
 booktitle = {COMPSAC},
 title = {{Detecting malicious attacks exploiting hardware vulnerabilities using performance counters}},
 year = {2019}
}

@article{Li2019UISFuzz,
 author = {Li, Xixing and Wu, Zehui and Wei, Qiang and Wu, Haolan},
 journal = {IEEE Access},
 title = {{UISFuzz: An Efficient Fuzzing Method for CPU Undocumented Instruction Searching}},
 volume = {7},
 year = {2019}
}

@article{li2019uisfuzz,
 author = {Li, Xixing and Wu, Zehui and Wei, Qiang and Wu, Haolan},
 journal = {IEEE Access},
 title = {Uisfuzz: An efficient fuzzing method for cpu undocumented instruction searching},
 year = {2019}
}

@article{Li2020challenges,
 author = {Li, Congmiao and Gaudiot, Jean-Luc},
 journal = {IEEE Computer Architecture Letters},
 title = {{Challenges in Detecting an ``Evasive Spectre''}},
 year = {2020}
}

@article{Li2020DRAMsim3,
 author = {Li, Shang and Yang, Zhiyuan and Reddy, Dhiraj and Srivastava, Ankur and Jacob, Bruce},
 journal = {IEEE Comput. Archit. Lett.},
 title = {{DRAMsim3: A Cycle-Accurate, Thermal-Capable DRAM Simulator}},
 year = {2020}
}

@misc{Li2020kaslrriscv,
 author = {Li, Zong},
 booktitle = {LWN},
 title = {{Support KASLR for RISC-V}},
 url = {https://lwn.net/Articles/815891/},
 year = {2020}
}

@inproceedings{Li2021Cipherleaks,
 author = {Mengyuan Li and Yinqian Zhang and Huibo Wang and Kang Li and Yueqiang Cheng},
 booktitle = {{USENIX Security}},
 title = {CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via the Ciphertext Side Channel},
 year = {2021}
}

@inproceedings{li2021crossline,
 author = {Li, Mengyuan and Zhang, Yinqian and Lin, Zhiqiang},
 booktitle = {SIGSAC},
 title = {{CrossLine: Breaking “Security-by-Crash” based Memory Isolation in AMD SEV}},
 year = {2021}
}

@article{li2021mimosa,
 author = {Li, Congwu and Guan, Le and Lin, Jingqiang and Luo, Bo and Cai, Quanwei and Jing, Jiwu and Wang, Jing},
 journal = {IEEE Transactions on Dependable and Secure Computing},
 title = {Mimosa: Protecting Private Keys Against Memory Disclosure Attacks Using Hardware Transactional Memory},
 year = {2021}
}

@inproceedings{Li2022systematic,
 author = {Li, Mengyuan and Wilke, Luca and Wichelmann, Jan and Eisenbarth, Thomas and Teodorescu, Radu and Zhang, Yinqian},
 booktitle = {S\&P},
 title = {A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP},
 year = {2022}
}

@inproceedings{Li2025Reload,
 author = {Chiang, Li-Chung and Li, Shih-Wei},
 booktitle = {{ASPLOS}},
 title = {{Reload+Reload: Exploiting Cache and Memory Contention Side Channel on AMD SEV}},
 year = {2025}
}

@inproceedings{Liang2017,
 author = {Liang, Xueping and Shetty, Sachin and Tosh, Deepak and Kamhoua, Charles and Kwiat, Kevin and Njilla, Laurent},
 booktitle = {International Symposium on Cluster, Cloud and Grid Computing},
 title = {Provchain: A blockchain-based data provenance architecture in cloud environment with enhanced privacy and availability},
 year = {2017}
}

@article{Liang2018,
 author = {Hongliang Liang and Mingyu Li and Qiong Zhang and Yue Yu and Lin Jiang and Yixiu Chen},
 journal = {arXiv cs.CR 1802.03530},
 title = {{Aurora: Providing Trusted System Services for Enclaves On an Untrusted System}},
 year = {2018}
}

@misc{libflush,
 author = {IAIK},
 title = {libflush},
 url = {https://github.com/IAIK/armageddon/tree/master/libflush},
 year = {2017}
}

@misc{libratbag2023source,
 author = {libratbag Team},
 title = {{libratbag}},
 url = {https://github.com/libratbag/libratbag},
 year = {2023}
}

@misc{libsodium,
 author = {libsodium},
 title = {{libsodium}},
 url = {https://libsodium.org},
 year = {2023}
}

@article{lie2000architectural,
 author = {Lie, David and Thekkath, Chandramohan and Mitchell, Mark and Lincoln, Patrick and Boneh, Dan and Mitchell, John and Horowitz, Mark},
 journal = {Acm Sigplan Notices},
 title = {Architectural support for copy and tamper resistant software},
 year = {2000}
}

@article{Lifshits2018,
 author = {Lifshits, Pavel and Forte, Roni and Hoshen, Yedid and Halpern, Matt and Philipose, Manuel and Tiwari, Mohit and Silberstein, Mark},
 journal = {Proceedings on Privacy Enhancing Technologies},
 number = {4},
 publisher = {Sciendo},
 title = {{Power to peep-all: Inference Attacks by Malicious Batteries on Mobile Devices}},
 volume = {2018},
 year = {2018}
}

@article{Lim2005,
 author = {Lim, Daihyun and Lee, Jae W. and Gassend, Blaise and Suh, G. Edward},
 journal = {IEEE Transactions on Very Large Scale Integration (VLSI) Systems},
 number = {10},
 pages = {1200--1205},
 title = {{Extracting Secret Keys From Integrated Circuits}},
 volume = {13},
 year = {2005}
}

@article{Lim2018,
 author = {Lim, Chulseung and Park, Kyungbae and Bak, Geunyong and Yun, Donghyuk and Park, Myungsang and Baeg, Sanghyeon and Wen, Shi-Jie and Wong, Richard},
 journal = {Microelectronics Reliability},
 pages = {85--90},
 publisher = {Elsevier},
 title = {Study of proton radiation effect to row hammer fault in DDR4 SDRAMs},
 volume = {80},
 year = {2018}
}

@inproceedings{Lin2018container,
 author = {Lin, Xin and Lei, Lingguang and Wang, Yuewu and Jing, Jiwu and Sun, Kun and Zhou, Quan},
 booktitle = {ACSAC},
 title = {A measurement study on {Linux} container security: Attacks and countermeasures},
 year = {2018}
}

@inproceedings{Lin2023Fashion,
 author = {Lin, Xu and Araujo, Frederico and Taylor, Teryl and Jang, Jiyong and Polakis, Jason},
 booktitle = {IEEE S\&P},
 title = {Fashion Faux Pas: Implicit Stylistic Fingerprints for Bypassing Browsers' Anti-Fingerprinting Defenses},
 year = {2023}
}

@inproceedings{Lin2024peep,
 author = {Lin, Yan and Wong, Joshua and Li, Xiang and Ma, Haoyu and Gao, Debin},
 booktitle = {USENIX Security Symposium},
 title = {Peep with a mirror: breaking the integrity of android app sandboxing via unprivileged cache side channel},
 year = {2024}
}

@inproceedings{Lind2018,
 author = {Lind, Joshua and Naor, Oded and Eyal, Ittay and Kelbert, Florian and Pietzuch, Peter and Sirer, Emin G{\"u}n},
 booktitle = {Proceedings of the 11th ACM International Systems and Storage Conference},
 title = {Teechain: Reducing Storage Costs on the Blockchain With Offline Payment Channels},
 year = {2018}
}

@article{Lindholm2008,
 author = {Lindholm, Erik and Nickolls, John and Oberman, Stuart and Montrym, John},
 journal = {IEEE Micro},
 number = {2},
 pages = {39--55},
 title = {{Nvidia Tesla: A unified graphics and computing architecture}},
 volume = {28},
 year = {2008}
}

@inproceedings{linn2003obfuscation,
 author = {Linn, Cullen and Debray, Saumya},
 booktitle = {Proceedings of the 10th ACM conference on Computer and communications security},
 organization = {ACM},
 pages = {290--299},
 title = {Obfuscation of executable code to improve resistance to static disassembly},
 year = {2003}
}

@misc{Linux2008,
 author = {Corbet, Jonathan},
 month = {May},
 title = {{2.6.26-rc1 short-form changelog}},
 url = {https://lwn.net/Articles/280913/},
 year = {2008}
}

@misc{Linux2018IBPB,
 author = {LKML},
 title = {x86/pti updates for 4.16},
 url = {http://lkml.iu.edu/hypermail/linux/kernel/1801.3/03399.html},
 year = {2018}
}

@misc{Linux2018L1TF,
 author = {LKML},
 title = {Re: Linux 4.18.1},
 url = {https://lkml.iu.edu/hypermail/linux/kernel/1808.2/00177.html},
 year = {2018}
}

@misc{linux2023dss,
 author = {{Linux Maintainers}},
 title = {{Fix the DIV(0) inital fix attempt}},
 url = {https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f58d6fbcb7c848b7f2469be339bc571f2e9d245b},
 year = {2023}
}

@online{Linux2023LicheeUpstream,
 author = {Linux Foundation},
 url = {https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/tree/arch/riscv/boot/dts/thead},
 year = {2023}
}

@misc{linux_disable_spectre,
 author = {{Linux Slashdot}},
 url = {https://linux.slashdot.org/story/18/11/24/2320228/two-linux-kernels-revert-performance-killing-spectre-patches},
 year = {2019}
}

@misc{linux_patch_pagemap,
 author = {{Kirill A. Shutemov}},
 title = {{Pagemap: Do Not Leak Physical Addresses to Non-Privileged Userspace}},
 url = {https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce},
 year = {2015}
}

@misc{linux_perf,
 author = {Edge, Jake},
 booktitle = {LWN},
 title = {{Perfcounters added to the mainline}},
 url = {http://lwn.net/Articles/339361/},
 year = {2009}
}

@misc{LinuxIdlePage,
 author = {Vladimir Davydov},
 title = {Idle memory tracking},
 url = {https://lwn.net/Articles/643578/},
 year = {2015}
}

@misc{LinuxProcess,
 author = {Linux},
 title = {{Linux Kernel 5.0 Process (x86)}},
 url = {https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/x86/kernel/process.c},
 year = {2019}
}

@misc{LinuxSyscallTable,
 author = {Linux},
 title = {64-bit system call numbers and entry vectors},
 url = {https://github.com/torvalds/linux/blob/master/arch/x86/entry/syscalls/syscall_64.tbl},
 year = {2019}
}

@misc{linuxwebsitekpti,
 author = {Corbet, Jonathan},
 month = {November},
 title = {{KAISER}: hiding the kernel from user space},
 url = {https://lwn.net/Articles/738975/},
 year = {2017}
}

@article{Lipasti1996,
 author = {Lipasti, Mikko H and Wilkerson, Christopher B and Shen, John Paul},
 journal = {ACM SIGPLAN Notices},
 title = {{Value locality and load value prediction}},
 year = {1996}
}

@inproceedings{Lipp2016,
 author = {{Lipp}, Moritz and {Gruss}, Daniel and {Spreitzer}, Raphael and Maurice, Clémentine and {Mangard}, Stefan},
 booktitle = {USENIX Security Symposium},
 title = {{ARMageddon: Cache Attacks on Mobile Devices}},
 year = {2016}
}

@inproceedings{Lipp2017Interrupt,
 author = {Lipp, Moritz and Gruss, Daniel and Schwarz, Michael and Bidner, David and Maurice, Cl\'{e}\-men\-ti\-ne and Mangard, Stefan},
 booktitle = {ESORICS},
 title = {{Practical Keystroke Timing Attacks in Sandboxed JavaScript}},
 year = {2017}
}

@inproceedings{Lipp2018meltdown,
 author = {Moritz Lipp and Michael Schwarz and Daniel Gruss and Thomas Prescher and Werner Haas and Anders Fogh and Jann Horn and Stefan Mangard and Paul Kocher and Daniel Genkin and Yuval Yarom and Mike Hamburg},
 booktitle = {{USENIX Security}},
 title = {{Meltdown: Reading Kernel Memory from User Space}},
 year = {2018}
}

@article{Lipp2018NH,
 author = {Moritz Lipp and Misiker Tadesse Aga and Michael Schwarz and Daniel Gruss and Cl\'{e}mentine Maurice and Lukas Raab and Lukas Lamster},
 journal = {arXiv:1711.08002},
 title = {{Nethammer: Inducing Rowhammer Faults through Network Requests}},
 year = {2017}
}

@inproceedings{Lipp2020NH,
 author = {Moritz Lipp and Misiker Tadesse Aga and Michael Schwarz and Daniel Gruss and Cl\'{e}mentine Maurice and Lukas Raab and Lukas Lamster},
 booktitle = {SILM Workshop},
 title = {{Nethammer: Inducing Rowhammer Faults through Network Requests}},
 year = {2020}
}

@inproceedings{Lipp2020Platypus,
 author = {Lipp, Moritz and Kogler, Andreas and Oswald, David and Schwarz,Michael and Easdon, Catherine and Canella, Claudio and Gruss, Daniel},
 booktitle = {S\&P},
 title = {{PLATYPUS: Software-based Power Side-Channel Attacks on x86}},
 year = {2020}
}

@inproceedings{Lipp2020takeaway,
 author = {Lipp, Moritz and Had{\v{z}}i{\'c}, Vedad and Schwarz, Michael and Perais, Arthur and Maurice, Cl{\'e}mentine and Gruss, Daniel},
 booktitle = {{AsiaCCS}},
 title = {{Take a Way: Exploring the Security Implications of AMD's Cache Way Predictors}},
 year = {2020}
}

@inproceedings{Lipp2022Prefetch,
 author = {Moritz Lipp and Daniel Gruss and Michael Schwarz},
 booktitle = {USENIX Security},
 title = {{AMD Prefetch Attacks through Power and Time}},
 year = {2022}
}

@inproceedings{Liu2010,
 author = {Liu, Huan},
 booktitle = {CCSW'10},
 pages = {65},
 title = {{A new form of DOS attack in a cloud and its avoidance mechanism}},
 year = {2010}
}

@inproceedings{liu2013memory,
 author = {Liu, Chang and Hicks, Michael and Shi, Elaine},
 booktitle = {CSF},
 title = {Memory trace oblivious program execution},
 year = {2013}
}

@inproceedings{Liu2014concurrent,
 author = {Liu, Yutao and Xia, Yubin and Guan, Haibing and Zang, Binyu and Chen, Haibo},
 booktitle = {High Performance Computer Architecture (HPCA)},
 title = {Concurrent and consistent virtual machine introspection with hardware transactional memory},
 year = {2014}
}

@inproceedings{Liu2014random,
 author = {Liu, Fangfei and Lee, Ruby B.},
 booktitle = {MICRO},
 title = {{Random Fill Cache Architecture}},
 year = {2014}
}

@article{liu2015ghostrider,
 author = {Liu, Chang and Harris, Austin and Maas, Martin and Hicks, Michael and Tiwari, Mohit and Shi, Elaine},
 journal = {SIGPLAN},
 title = {Ghostrider: A hardware-software system for memory trace oblivious computation},
 year = {2015}
}

@inproceedings{Liu2015Last,
 author = {Liu, Fangfei and Yarom, Yuval and Ge, Qian and Heiser, Gernot and Lee, Ruby B.},
 booktitle = {S\&P},
 title = {{Last-Level Cache Side-Channel Attacks are Practical}},
 year = {2015}
}

@inproceedings{Liu2015PKI,
 author = {Liu, Yabing and Tome, Will and Zhang, Liang and Choffnes, David and Levin, Dave and Maggs, Bruce and Mislove, Alan and Schulman, Aaron and Wilson, Christo},
 booktitle = {IMC},
 title = {An End-to-End Measurement of Certificate Revocation in the Web's PKI},
 year = {2015}
}

@inproceedings{Liu2016all,
 author = {Liu, Daiping and Hao, Shuai and Wang, Haining},
 booktitle = {{CCS}},
 title = {{All Your DNS Records Point to Us: Understanding the Security Threats of Dangling DNS Records}},
 year = {2016}
}

@inproceedings{Liu2016catalyst,
 author = {Liu, Fangfei and Ge, Qian and Yarom, Yuval and Mckeen, Frank and Rozas, Carlos and Heiser, Gernot and Lee, Ruby B},
 booktitle = {HPCA},
 title = {Catalyst: Defeating last-level cache side channel attacks in cloud computing},
 year = {2016}
}

@inproceedings{Liu2017demand,
 author = {Liu, Weijie and Gao, Debin and Reiter, Michael K},
 booktitle = {{ESORICS}},
 title = {{On-demand time blurring to support side-channel defense}},
 year = {2017}
}

@inproceedings{liu2022frequency,
 author = {Liu, Chen and Chakraborty, Abhishek and Chawla, Nikhil and Roggel, Neer},
 booktitle = {CCS},
 title = {{Frequency throttling side-channel attack}},
 year = {2022}
}

@misc{LKDDDB2017RandMemory,
 author = {{Linux Kernel Driver DataBase}},
 title = {{CONFIG\_RANDOMIZE\_MEMORY: Randomize the kernel memory sections}},
 url = {https://cateee.net/lkddb/web-lkddb/RANDOMIZE\_MEMORY.html},
 year = {2017}
}

@misc{lklm18eagerswitching,
 author = {Lutomirski, Andy},
 title = {{x86/fpu: Hard-disable lazy FPU mode}},
 year = {2018}
}

@misc{LKML2018LfenceAMD,
 author = {{LKML}},
 title = {{x86/cpu/AMD: Make LFENCE a serializing instruction}},
 url = {https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e4d0e84e490790798691aaa0f2e598637f1867ec},
 year = {2018}
}

@misc{LKML2024Cpuvulninterface,
 author = {{LKML}},
 title = {{riscv: Enable generic CPU vulnerabilites support}},
 url = {https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0e3f3649d44bf1b388a7613ade14c29cbdedf075},
 year = {2024}
}

@misc{LKML2025Ghostwrite,
 author = {{LKML}},
 title = {{riscv: Add ghostwrite vulnerability}},
 url = {https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=4bf97069239bcfca9840936313c7ac35a6e04488},
 year = {2025}
}

@misc{LKMLFutexSwap,
 title = {{[PATCH for 5.9 0/3] FUTEX\_SWAP (tip/locking/core)}},
 url = {https://lkml.org/lkml/2020/7/22/1202},
 year = {2019}
}

@misc{LKMLPatchProposalPerf,
 title = {Perf: do not overwrite precise Intel-PEBS timestamp},
 url = {https://lkml.org/lkml/2020/5/4/364},
 year = {2020}
}

@misc{LLVM,
 author = {{LLVM}},
 title = {{The LLVM Compiler Infrastructure}},
 url = {https://llvm.org},
 year = {2019}
}

@misc{LLVM2020Clang10,
 author = {{LLVM Project}},
 title = {{Clang 10 documentation}},
 url = {https://releases.llvm.org/10.0.0/tools/clang/docs/index.html},
 year = {2020}
}

@misc{LLVM2022CompilerRT,
 author = {{LLVM Project}},
 title = {{``compiler-rt'' runtime libraries}},
 url = {https://compiler-rt.llvm.org/},
 year = {2022}
}

@misc{LLVM2022libcxx,
 author = {{LLVM Project}},
 title = {{``libc++'' C++ Standard Library}},
 url = {https://libcxx.llvm.org/},
 year = {2022}
}

@misc{Logitech2015Extension,
 author = {{Logitech}},
 title = {{Logitech Unifying for Chrome}},
 url = {https://chrome.google.com/webstore/detail/logitech-unifying-for-chr/agpmgihmmmfkbhckmciedmhincdggomo},
 year = {2015}
}

@misc{Logitech2018hidpp,
 author = {{Logitech}},
 title = {{Public Documentation of the Logitech HID++ Protocol}},
 url = {https://drive.google.com/drive/folders/0BxbRzx7vEV7eWmgwazJ3NUFfQ28},
 year = {2018}
}

@inproceedings{Lombardi2010,
 author = {Lombardi, Flavio and Pietro, Roberto Di},
 booktitle = {International Conference on Information and Communications Security (ICICS)},
 title = {{CUDACS: Securing the Cloud with CUDA-Enabled Secure Virtualization}},
 year = {2010}
}

@inproceedings{LoneSang2010,
 author = {{Lone Sang}, Fernand and Lacombe, Eric and Nicomette, Vincent and Deswarte, Yves},
 booktitle = {International Conference on Malicious and Unwanted Software (MALWARE)},
 title = {{Exploiting an I/OMMU vulnerability}},
 year = {2010}
}

@article{Loning2019sktime,
 author = {L{\"o}ning, Markus and Bagnall, Anthony and Ganesh, Sajaysurya and Kazakov, Viktor and Lines, Jason and Kir{\'a}ly, Franz J},
 journal = {arXiv:1909.07872},
 title = {sktime: A unified interface for machine learning with time series},
 year = {2019}
}

@misc{Loongson2021Manual3A5000,
 author = {Loongson Technology Corporation Limited},
 title = {Loongson 3A5000/3B5000 Processor Reference Manual - Multicore Processor Architecture, Register Descriptions and System Software Programming Guide, Version 1.03},
 url = {https://loongson.github.io/LoongArch-Documentation/Loongson-3A5000-usermanual-EN.pdf},
 year = {2021}
}

@misc{Loongson2023LoongarchVectorManual,
 author = {Loongson},
 howpublished = {\url{https://github.com/loongson/LoongArch-Documentation/releases/download/2023.04.20/LoongArch-Vol2-v1.00-EN.pdf}},
 title = {LoongArch Reference Manual - Volume 2: Vector Extensions},
 year = {2023}
}

@misc{Loongson2023Manual,
 author = {Loongson Technology Corporation Limited},
 title = {LoongArch Reference Manual - Volume 1: Basic Architecture, Version 1.10},
 url = {https://loongson.github.io/LoongArch-Documentation/LoongArch-Vol1-EN.pdf},
 year = {2023}
}

@article{Lou2021survey,
 author = {Lou, Xiaoxuan and Zhang, Tianwei and Jiang, Jun and Zhang, Yinqian},
 journal = {ACM CSUR},
 title = {A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks, and Defenses in Cryptography},
 year = {2021}
}

@inproceedings{Loughlin2021dolma,
 author = {Loughlin, Kevin and Neal, Ian and Ma, Jiacheng and Tsai, Elisa and Weisse, Ofir and Narayanasamy, Satish and Kasikci, Baris},
 booktitle = {USENIX Security Symposium},
 title = {{DOLMA: Securing Speculation with the Principle of Transient Non-Observability}},
 year = {2021}
}

@inproceedings{loughlin2023siloz,
 author = {Loughlin, Kevin and Rosenblum, Jonah and Saroiu, Stefan and Wolman, Alec and Skarlatos, Dimitrios and Kasikci, Baris},
 booktitle = {SOSP},
 title = {Siloz: Leveraging DRAM Isolation Domains to Prevent Inter-VM Rowhammer},
 year = {2023}
}

@inproceedings{loukidis2018docker,
 author = {Loukidis-Andreou, Fotis and Giannakopoulos, Ioannis and Doka, Katerina and Koziris, Nectarios},
 booktitle = {ICDCS},
 title = {{Docker-sec: A fully automated container security enhancement mechanism}},
 year = {2018}
}

@article{Louw2008,
 author = {Mike Ter Louw and
Jin Soon Lim and
V. N. Venkatakrishnan},
 bibsource = {dblp computer science bibliography, https://dblp.org},
 biburl = {https://dblp.org/rec/bib/journals/virology/LouwLV08},
 doi = {10.1007/s11416-007-0078-5},
 journal = {Journal in Computer Virology},
 number = {3},
 pages = {179--195},
 timestamp = {Wed, 17 May 2017 14:25:45 +0200},
 title = {Enhancing web browser security against malware extensions},
 url = {https://doi.org/10.1007/s11416-007-0078-5},
 volume = {4},
 year = {2008}
}

@book{Love2010,
 author = {Robert Love},
 publisher = {Addison-Wesley},
 title = {{Linux Kernel Development Third Edition}},
 year = {2010}
}

@inproceedings{Lowe-Power2018,
 author = {Lowe-Power, Jason and Akella, Venkatesh and Farrens, Matthew K and King, Samuel T and Nitta, Christopher J},
 booktitle = {HASP},
 title = {Position Paper: A case for exposing extra-architectural state in the ISA},
 year = {2018}
}

@misc{LPDDR4,
 author = {{JEDEC Solid State Technology Association}},
 title = {{Low Power Double Data Rate 4}},
 url = {http://www.jedec.org/standards-documents/docs/jesd209-4b},
 year = {2017}
}

@inproceedings{Luk2005pin,
 author = {Luk, Chi-Keung and Cohn, Robert and Muth, Robert and Patil, Harish and Klauser, Artur and Lowney, Geoff and Wallace, Steven and Reddi, Vijay Janapa and Hazelwood, Kim},
 booktitle = {{ACM SIGPLAN} notices},
 title = {{Pin: building customized program analysis tools with dynamic instrumentation}},
 year = {2005}
}

@inproceedings{Luqi1992,
 author = {Luqi and R. Steigerwald},
 booktitle = {Proceedings of the Twenty-Fifth Hawaii International Conference on System Sciences},
 title = {{Rapid Software Prototyping}},
 year = {1992}
}

@inproceedings{Lutas2019,
 author = {Lutas, Andrei and Lutas, Dan},
 booktitle = {BlackHat Europe},
 title = {{Bypassing KPTI Using the Speculative Behavior of the SWAPGS Instruction}},
 year = {2019}
}

@misc{LviGithub,
 author = {Jo Van Bulck},
 title = {{LVI: Hijacking transient execution through microarchitectural load value injection (GitHub)}},
 url = {https://github.com/jovanbulck/sgx-step/tree/master/app/lvi},
 year = {2020}
}

@misc{LWN2011vsyscall,
 author = {Jonathan Corbet},
 title = {On vsyscalls and the vDSO},
 url = {https://lwn.net/Articles/446528/},
 year = {2011}
}

@misc{LWN2018spectrecoccinelle,
 author = {Julia Lawall},
 title = {Re: [RFC PATCH] asm/generic: introduce if\_nospec and nospec\_barrier},
 url = {https://lwn.net/Articles/743287/},
 year = {2018}
}

@misc{LWN2018spectrefix,
 author = {Jonathan Corbet},
 title = {Addressing Meltdown and Spectre in the kernel},
 url = {https://lwn.net/Articles/743265/},
 year = {2018}
}

@misc{LWN_clockpro,
 author = {Jonathan Corbet},
 month = {August},
 title = {A CLOCK-Pro page replacement implementation},
 url = {https://lwn.net/Articles/147879/},
 year = {2005}
}

@misc{LWN_GCC_SLH,
 author = {LWN},
 month = {July},
 title = {Spectre V1 defense in GCC},
 url = {https://lwn.net/Articles/759423/},
 year = {2018}
}

@misc{LWN_hrtimer,
 author = {LWN},
 month = {January},
 title = {{The high-resolution timer API}},
 url = {https://lwn.net/Articles/167897/},
 year = {2006}
}

@misc{LWN_kpti,
 author = {LWN},
 title = {The current state of kernel page-table isolation},
 url = {https://lwn.net/SubscriberLink/741878/eb6c9d3913d7cb2b/},
 year = {2017}
}

@misc{LWN_smatch,
 author = {Brown, Neil},
 month = {June},
 title = {Smatch: pluggable static analysis for C},
 url = {https://lwn.net/Articles/691882/},
 year = {2016}
}

@inproceedings{Ma2011directed,
 author = {Ma, Kin-Keung and Phang, Khoo Yit and Foster, Jeffrey S and Hicks, Michael},
 booktitle = {International Static Analysis Symposium},
 title = {Directed symbolic execution},
 year = {2011}
}

@inproceedings{maas2013phantom,
 author = {Maas, Martin and Love, Eric and Stefanov, Emil and Tiwari, Mohit and Shi, Elaine and Asanovic, Krste and Kubiatowicz, John and Song, Dawn},
 booktitle = {SIGSAC},
 title = {Phantom: Practical oblivious computation in a secure processor},
 year = {2013}
}

@inproceedings{Machiry2017Boomerang,
 author = {Machiry, Aravind and Gustafson, Eric and Spensky, Chad and Salls, Chris and Stephens, Nick and Wang, Ruoyu and Bianchi, Antonio and Choe, Yung Ryn and Kruegel, Christopher and Vigna, Giovanni},
 booktitle = {{NDSS}},
 title = {{BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments}},
 year = {2017}
}

@misc{MacOSX_KASLR,
 author = {{Apple Inc.}},
 title = {{OS X Mountain Lion Core Technologies Overview}},
 url = {http://movies.apple.com/media/us/osx/2012/docs/OSX_MountainLion_Core_Technologies_Overview.pdf},
 year = {2012}
}

@inproceedings{MacSween2018Cryptpad,
 author = {MacSween, Aaron and Delisle, Caleb James and Libbrecht, Paul and Flory, Yann},
 booktitle = {Proceedings of the ACM Symposium on Document Engineering},
 doi = {10.1145/3209280.3209535},
 isbn = {9781450357692},
 keyword = {trust, online documents, identities, encryption, collaborative editing},
 location = {Halifax, NS, Canada},
 series = {DocEng '18},
 title = {Private Document Editing with some Trust},
 url = {https://doi.org/10.1145/3209280.3209535},
 year = {2018}
}

@incollection{Maes2010,
 author = {Maes, Roel and Verbauwhede, Ingrid},
 booktitle = {Towards Hardware-Intrinsic Security},
 pages = {3--37},
 title = {{Physically unclonable functions: A study on the state of the art and future research directions}},
 year = {2010}
}

@article{Mailloux1969,
 author = {Mailloux, Barry James and Peck, John Edward Lancelot and Koster, Cornelis HA and Van Wijngaarden, A},
 journal = {Numerische Mathematik},
 pages = {79--218},
 publisher = {Springer},
 title = {{Report on the algorithmic language ALGOL 68}},
 year = {1969}
}

@inproceedings{Maisuradze2018spectre5,
 author = {{Maisuradze}, G. and {Rossow}, C.},
 booktitle = {CCS},
 title = {{ret2spec: Speculative Execution Using Return Stack Buffers}},
 year = {2018}
}

@article{Maisuradze2018speculose,
 author = {Maisuradze, Giorgi and Rossow, Christian},
 journal = {arXiv:1801.04084},
 title = {{Speculose: Analyzing the Security Implications of Speculative Execution in CPUs}},
 year = {2018}
}

@phdthesis{Maisuradze2019PhD,
 author = {Maisuradze, Giorgi},
 school = {Saarland University},
 title = {{Assessing the Security of Hardware-Assisted Isolation Techniques}},
 year = {2019}
}

@inproceedings{Maisuradze2019ROP,
 author = {Giorgi Maisuradze and Michael Backes and Christian Rossow},
 booktitle = {USENIX},
 title = {{What Cannot Be Read, Cannot Be Leveraged? Revisiting Assumptions of JIT-ROP Defenses}},
 year = {2016}
}

@inproceedings{Malone2011,
 author = {Malone, Corey and Zahran, Mohamed and Karri, Ramesh},
 booktitle = {STC},
 title = {Are hardware performance counters a cost effective way for integrity checking of programs},
 year = {2011}
}

@inproceedings{Mambretti2019,
 author = {Mambretti, Andrea and Neugschwandtner, Matthias and Sorniotti, Alessandro and Kirda, Engin and Robertson, William and Kurmus, Anil},
 booktitle = {{ACM ACSAC}},
 title = {{Speculator: A Tool to Analyze Speculative Execution Attacks and Mitigations}},
 year = {2019}
}

@article{Mambretti2020,
 author = {Mambretti, Andrea and Sandulescu, Alexandra and Sorniotti, Alessandro and Robertson, Wil and Kirda, Engin and Kurmus, Anil},
 journal = {arXiv:2003.05503},
 title = {Bypassing memory safety mechanisms through speculative control flow hijacks},
 year = {2020}
}

@misc{man72024prctl,
 author = {{Linux Manual Pages}},
 title = {{prctl(2) - Linux manual page}},
 url = {https://man7.org/linux/man-pages/man2/prctl.2.html},
 year = {2024}
}

@inproceedings{Manber1990Suffix,
 author = {Manber, Udi and Myers, Gene},
 booktitle = {Proceedings of the First Annual ACM-SIAM Symposium on Discrete Algorithms},
 title = {Suffix arrays: a new method for on-line string searches},
 year = {1990}
}

@misc{Mandava2017,
 author = {Sreenivas Mandava and Brian S. Morris and Suneeta Sah and Roy M. Stevens and Ted Rossin and Mathew W. Stefaniw and John H. Crawford},
 no-note = {US Patent Grant 2017-11-21},
 no-url = {https://encrypted.google.com/patents/US9824754B2},
 number = {US9824754B2},
 title = {Techniques for determining victim row addresses in a volatile memory},
 year = {2017}
}

@inproceedings{Mandelblat15,
 author = {Mandelblat, Julius},
 booktitle = {Intel Developer Forum (IDF15)},
 title = {Technology Insight: {Intel’s} Next Generation Microarchitecture Code Name {Skylake}},
 url = {https://en.wikichip.org/w/images/8/8f/Technology_Insight_Intel%E2%80%99s_Next_Generation_Microarchitecture_Code_Name_Skylake.pdf}
}

@inproceedings{Mandelin2011,
 author = {Dave Mandelin},
 booktitle = {O'Reilly Velocity},
 title = {{Know Your Engines: How to Make Your JavaScript Fast}},
 year = {2011}
}

@misc{Mandt2013,
 author = {Mandt, Tarjei},
 title = {{Attacking the iOS Kernel: A Look at 'evasi0n'}},
 url = {www.nislab.no/content/download/38610/481190/file/NISlecture201303.pdf},
 year = {2013}
}

@article{Manes2019fuzzing,
 author = {Man{\`e}s, Valentin Jean Marie and Han, HyungSeok and Han, Choongwoo and Cha, Sang Kil and Egele, Manuel and Schwartz, Edward J and Woo, Maverick},
 journal = {IEEE Transactions on Software Engineering},
 title = {The art, science, and engineering of fuzzing: A survey},
 year = {2019}
}

@book{Mangard2008,
 author = {Mangard, Stefan and Oswald, Elisabeth and Popp, Thomas},
 publisher = {Springer Science \& Business Media},
 title = {{Power Analysis Attacks: Revealing the Secrets of Smart Cards}},
 year = {2008}
}

@article{Mantel2017,
 author = {Mantel, Heiko and Schickel, Johannes and Weber, Alexandra and Weber, Friedrich},
 title = {{Vulnerabilities Introduced by Features for Software-based Energy Measurement}},
 year = {2017}
}

@inproceedings{Mantel2018,
 author = {Mantel, Heiko and Schickel, Johannes and Weber, Alexandra and Weber, Friedrich},
 booktitle = {European Symposium on Research in Computer Security},
 title = {{How Secure is Green IT? The Case of Software-Based Energy Side Channels}},
 year = {2018}
}

@inproceedings{Mao2016,
 author = {Mao, Jian and Chen, Yue and Shi, Futian and Jia, Yaoqi and Liang, Zhenkai},
 booktitle = {{International Conference on Wireless Algorithms, Systems, and Applications}},
 title = {{Toward Exposing Timing-Based Probing Attacks in Web Applications}},
 year = {2016}
}

@inproceedings{marazzi2023rega,
 author = {Marazzi, Michele and Solt, Flavien and Jattke, Patrick and Takashi, Kubo and Razavi, Kaveh},
 booktitle = {S\&P},
 title = {Rega: Scalable rowhammer mitigation with refresh-generating activations},
 year = {2023}
}

@article{Marco2016exploiting,
 author = {Marco-Gisbert, Hector and Ripoll-Ripoll, Ismael},
 journal = {BlackHat Asia},
 title = {{Exploiting Linux and PaX ASLR’s weaknesses on 32-and 64-bit systems}},
 year = {2016}
}

@inproceedings{Mariconti2017,
 author = {Mariconti, Enrico and Onaolapo, Jeremiah and Ahmad, Syed Sharique and Nikiforou, Nicolas and Egele, Manuel and Nikiforakis, Nick and Stringhini, Gianluca},
 booktitle = {{WWW'17}},
 title = {{What's in a Name?: Understanding Profile Name Reuse on Twitter}},
 year = {2017}
}

@article{Marschalek2018Bluehat,
 author = {Marschalek, Marion},
 journal = {Bluehat IL},
 month = {January},
 no-url = {https://www.youtube.com/watch?v=zVakbneMYbY},
 title = {{The Wolf In SGX Clothing}},
 year = {2018}
}

@inproceedings{Marshall2019,
 author = {Marshall, Ben},
 booktitle = {1st Workshop on Open-Source Design Automation (OSDA)},
 title = {{Hardware Verification In An Open Source Context}},
 year = {2019}
}

@inproceedings{Martignoni2009testing,
 author = {Martignoni, Lorenzo and Paleari, Roberto and Roglia, Giampaolo Fresi and Bruschi, Danilo},
 booktitle = {Symposium on Software Testing and Analysis},
 title = {Testing CPU emulators},
 year = {2009}
}

@inproceedings{Martignoni2010,
 author = {Martignoni, Lorenzo and Paleari, Roberto and Fresi Roglia, Giampaolo and Bruschi, Danilo},
 booktitle = {{19th International Symposium on Software Testing and Analysis}},
 title = {{Testing system virtual machines}},
 year = {2010}
}

@article{Martin2012,
 author = {Martin, Robert and Demme, John and Sethumadhavan, Simha},
 journal = {ACM SIGARCH Computer Architecture News},
 title = {TimeWarp: rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks},
 year = {2012}
}

@misc{Martindale2017,
 author = {James Martindale},
 title = {{I kinda hacked a few Facebook accounts using a vulnerability they won’t fix.}},
 url = {https://medium.com/@jkmartindale/i-kinda-hacked-a-few-facebook-2f5669794f79},
 year = {2017}
}

@misc{MarvellThunderX2Mon,
 author = {Marvell},
 title = {{tx2mon}},
 url = {https://github.com/Marvell-SPBU/tx2mon},
 year = {2020}
}

@misc{Masek1979Setcover,
 author = {William J. Masek},
 title = {{Some NP-complete set covering problems}},
 year = {1970}
}

@inproceedings{mashimo2019open,
 author = {Mashimo, Susumu and Fujita, Akifumi and Matsuo, Reoma and Akaki, Seiya and Fukuda, Akifumi and Koizumi, Toru and Kadomoto, Junichiro and Irie, Hidetsugu and Goshima, Masahiro and Inoue, Koji and others},
 booktitle = {ICFPT},
 title = {An open source FPGA-optimized out-of-order RISC-V soft processor},
 year = {2019}
}

@inproceedings{Mashtizadeh2015,
 author = {Ali Jos{\'{e}} Mashtizadeh and
Andrea Bittau and
Dan Boneh and
David Mazi{\`{e}}res},
 booktitle = {{CCS}},
 title = {{CCFI:} Cryptographically Enforced Control Flow Integrity},
 year = {2015}
}

@inproceedings{Maskiewicz2014Mouse,
 author = {Jacob Maskiewicz and Benjamin Ellis and James Mouradian and Hovav Shacham},
 booktitle = {WOOT},
 title = {Mouse Trap: Exploiting Firmware Updates in {USB} Peripherals},
 year = {2014}
}

@inproceedings{Masters2018,
 author = {Jon Masters and CRob},
 booktitle = {Red Hat Summit},
 title = {{Exploiting modern microarchitectures: Meltdown, Spectre, and other hardware security vulnerabilities in modern processors}},
 url = {https://www.redhat.com/files/summit/session-assets/2018/S1916-Exploiting-modern-microarchitectures-Meltdown-Spectre-and-other-hardware-security-vulnerabilities-in-modern-processors-Distribution.pdf},
 year = {2018}
}

@inproceedings{Mata2021,
 author = {Mata, Prashant and Rao, Nanditha},
 booktitle = {International Symposium on Quality Electronic Design},
 title = {Flush-Reload Attack and its Mitigation on an FPGA Based Compressed Cache Design},
 year = {2021}
}

@inproceedings{Matsui2006,
 author = {Matsui, Mitsuru},
 booktitle = {International Workshop on Fast Software Encryption},
 organization = {Springer},
 pages = {341--358},
 title = {How far can we go on the x64 processors?},
 year = {2006}
}

@article{Matz2013SystemV,
 author = {Matz, Michael and Hubicka, Jan and Jaeger, Andreas and Mitchell, Mark},
 title = {{System V Application Binary Interface}},
 year = {2013}
}

@inproceedings{Maurice2015C5,
 author = {Cl\'{e}mentine Maurice and Christoph Neumann and Olivier Heen and Aur\'{e}lien Francillon},
 booktitle = {DIMVA},
 title = {{C5: Cross-Cores Cache Covert Channel}},
 year = {2015}
}

@inproceedings{Maurice2015RAID,
 author = {Clémentine Maurice and Le Scouarnec, Nicolas and Christoph Neumann and Olivier Heen and Aur\'{e}lien Francillon},
 booktitle = {{RAID}},
 title = {{Reverse Engineering Intel Complex Addressing Using Performance Counters}},
 year = {2015}
}

@inproceedings{Maurice2017Hello,
 author = {Clémentine Maurice and Manuel Weber and Michael Schwarz and Lukas Giner and Daniel Gruss and Alberto Boano, Carlo and Stefan Mangard and Kay R{\"o}mer},
 booktitle = {NDSS},
 title = {{Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud}},
 year = {2017}
}

@misc{max_mmap,
 author = {{kernel.org}},
 title = {{Documentation for /proc/sys/vm/*        kernel version 2.6.29}},
 url = {https://www.kernel.org/doc/Documentation/sysctl/vm.txt},
 year = {2019}
}

@article{mayer2009any,
 author = {Mayer, Jonathan R},
 journal = {Undergraduate Senior Thesis, Princeton University},
 title = {Any person... a pamphleteer”: Internet Anonymity in the Age of Web 2.0},
 year = {2009}
}

@article{Mayes2006,
 author = {Mayes, Keith and Markantonakis, Konstantinos and Chen, Calvin},
 journal = {Smart Card Technology International, The Global Journal of Advanced Card Technology},
 pages = {78--82},
 title = {{Smart Card Platform-Fingerprinting}},
 year = {2006}
}

@inproceedings{Mazouz2017,
 author = {Mazouz, Abdelhafid and Wong, David C and Kuck, David and Jalby, William},
 booktitle = {ACM ICPE},
 title = {{An Incremental Methodology for Energy measurement and Modeling}},
 year = {2017}
}

@misc{mbedTLS2024Security,
 author = {{The Mbed TLS Contributors}},
 title = {{Security}},
 url = {https://mbed-tls.readthedocs.io/en/latest/project/long-term-plans/#security},
 year = {2024}
}

@misc{MbedTLS_KB,
 author = {{ARMmbed}},
 month = {February},
 note = {Retrieved on October 24, 2016},
 title = {{Reduce mbed TLS memory and storage footprint}},
 url = {https://tls.mbed.org/kb/how-to/reduce-mbedtls-memory-and-storage-footprint},
 year = {2016}
}

@misc{mccalpin1995stream,
 author = {McCalpin, John D},
 title = {Stream benchmark},
 url = {www.cs.virginia.edu/stream/ref.html},
 year = {1995}
}

@techreport{Mccalpin2021slices,
 author = {McCalpin, John D},
 title = {Mapping addresses to l3/cha slices in intel processors},
 year = {2021}
}

@inproceedings{Mccann2017Towards,
 author = {McCann, David and Oswald, Elisabeth and Whitnall, Carolyn},
 booktitle = {USENIX},
 title = {Towards Practical Tools for Side Channel Aware Software Engineering:'Grey Box'Modelling for Instruction Leakages},
 year = {2017}
}

@inproceedings{McCanne1993bsd,
 author = {McCanne, Steven and Jacobson, Van},
 booktitle = {{USENIX} Winter},
 month = {January},
 title = {{The BSD Packet Filter: A New Architecture for User-level Packet Capture}},
 year = {1993}
}

@article{McCluskey1956minimization,
 author = {McCluskey, Edward J},
 journal = {The Bell System Technical Journal},
 number = {6},
 title = {Minimization of Boolean functions},
 volume = {35},
 year = {1956}
}

@article{Mccune2008,
 author = {Mccune, Jonathan M. and Parno, Bryan and Perrig, Adrian and Reiter, Michael K. and Isozaki, Hiroshi},
 journal = {ACM SIGOPS Operating Systems Review},
 number = {4},
 pages = {315--328},
 title = {{Flicker: An Execution Infrastructure for TCB Minimization}},
 volume = {42},
 year = {2008}
}

@inproceedings{Mccune2010,
 author = {Mccune, Jonathan M. and Li, Yanlin and Qu, Ning and Zhou, Zongwei and Datta, Anupam and Gligor, Virgil and Perrig, Adrian},
 booktitle = {S\&P'10},
 pages = {267--272},
 title = {{TrustVisor: Efficient TCB Reduction and Attestation}},
 year = {2010}
}

@inproceedings{Mccurdy2013prefetch,
 author = {McCurdy, Collin and Marin, Gabriel and Vetter, Jeffrey S},
 booktitle = {International Workshop on Performance Modeling, Benchmarking and Simulation of High Performance Computer Systems},
 series = {PMBS '13},
 title = {Characterizing the Impact of Prefetching on Scientific Application Performance},
 year = {2013}
}

@inproceedings{McDermott2012,
 author = {McDermott, John and Montrose, Bruce and Li, Margery and Kirby, James and Kang, Myong},
 booktitle = {ACSAC'12},
 location = {New York, New York, USA},
 pages = {419},
 title = {{Separation virtual machine monitors}},
 year = {2012}
}

@article{McDougall2010,
 author = {McDougall, Richard and Anderson, Jennifer},
 journal = {ACM SIGOPS Operating Systems Review},
 number = {4},
 pages = {40--56},
 title = {{Virtualization Performance Perspectives and Challenges Ahead}},
 volume = {44},
 year = {2010}
}

@techreport{McFarling1993predictor,
 author = {McFarling, Scott},
 institution = {Digital Western Research Laboratory},
 title = {Combining branch predictors},
 year = {1993}
}

@article{Mcilroy2019,
 author = {Mcilroy, Ross and Sevcik, Jaroslav and Tebbi, Tobias and Titzer, Ben L and Verwaest, Toon},
 journal = {arXiv:1902.05178},
 title = {Spectre is here to stay: An analysis of side-channels and speculative execution},
 year = {2019}
}

@article{Mckeeman1998Differential,
 author = {McKeeman, William M},
 booktitle = {Digital Technical Journal},
 title = {Differential testing for software},
 year = {1998}
}

@inproceedings{McKeen2013,
 author = {McKeen, Frank and Alexandrovich, Ilya and Berenzon, Alex and Rozas, Carlos V and Shafi, Hisham and Shanbhogue, Vedvyas and Savagaonkar, Uday R},
 booktitle = {{HASP@ ISCA}},
 title = {{Innovative instructions and software model for isolated execution.}},
 year = {2013}
}

@article{McPhee1972integrity,
 author = {{McPhee}, W. S.},
 journal = {IBM Systems Journal},
 title = {Operating system integrity in OS/VS2},
 year = {1974}
}

@inproceedings{McVoy1996LMbench,
 author = {McVoy, Larry and Staelin, Carl},
 booktitle = {USENIX ATC},
 title = {Lmbench: Portable Tools for Performance Analysis},
 year = {1996}
}

@misc{mdn-webextension-api-filterresponsedata,
 author = {MDN Web Docs},
 title = {{webRequest.filterResponseData} API},
 url = {https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/webRequest/filterResponseData},
 year = {2025}
}

@misc{MDN2018json,
 author = {Mozilla},
 title = {{mdn-browser-compat-data}},
 url = {https://github.com/mdn/browser-compat-data},
 year = {2018}
}

@misc{MDN2018privatebrowsing,
 author = {Mozilla},
 title = {{Supporting private browsing mode}},
 url = {https://developer.mozilla.org/en-US/docs/Glossary/Vendor_Prefix},
 year = {2018}
}

@misc{MDN2018reflect,
 author = {Mozilla},
 title = {{Reflect}},
 url = {https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Reflect},
 year = {2018}
}

@misc{MDN2018vendor,
 author = {Mozilla},
 title = {{Vendor Prefix}},
 url = {https://developer.mozilla.org/en-US/docs/Glossary/Vendor_Prefix},
 year = {2018}
}

@misc{Mdn2023atrules,
 author = {MDN Web Docs},
 title = {{CSS at-rules}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/CSS/At-rule}},
 year = {2023}
}

@misc{Mdn2023cookies,
 author = {MDN Web Docs},
 title = {{Using HTTP cookies}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies}},
 year = {2023}
}

@misc{Mdn2023css,
 author = {MDN Web Docs},
 title = {{CSS: Cascading Style Sheets}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/CSS}},
 year = {2023}
}

@misc{Mdn2023cssenv,
 author = {MDN Web Docs},
 title = {{CSS env()}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/CSS/env}},
 year = {2023}
}

@misc{Mdn2023frames,
 author = {MDN Web Docs},
 title = {{<frame>}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/HTML/Element/frame}},
 year = {2023}
}

@misc{Mdn2023mediaqueries,
 author = {MDN Web Docs},
 title = {{CSS media queries}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_media_queries}},
 year = {2023}
}

@misc{Mdn2023valuefunc,
 author = {MDN Web Docs},
 title = {{CSS value functions}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_Functions}},
 year = {2023}
}

@misc{Mdn2024clientsidestorage,
 author = {MDN Web Docs},
 title = {{Client-side storage}},
 url = {{https://developer.mozilla.org/en-US/docs/Learn_web_development/Extensions/Client-side_APIs/Client-side_storage}},
 year = {2025}
}

@misc{Mdn2024iframe,
 author = {MDN Web Docs},
 title = {{<iframe>: The Inline Frame element}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe}},
 year = {2024}
}

@misc{Mdn2024IntegrityPolicy,
 author = {MDN Web Docs},
 title = {{Integrity-Policy} Header},
 url = {{https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Integrity-Policy}},
 year = {2025}
}

@misc{Mdn2024namespace,
 author = {MDN Web Docs},
 title = {{Namespace}},
 url = {{https://developer.mozilla.org/en-US/docs/Glossary/Namespace}},
 year = {2024}
}

@misc{Mdn2024quirks,
 author = {MDN Web Docs},
 title = {{Quirks Mode and Standards Mode}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/HTML/Quirks_Mode_and_Standards_Mode}},
 year = {2024}
}

@misc{Mdn2024selectors,
 author = {MDN Web Docs},
 title = {{CSS selectors}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_selectors}},
 year = {2024}
}

@misc{Mdn2024sop,
 author = {MDN Web Docs},
 title = {{Same-origin policy}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy}},
 year = {2024}
}

@misc{Mdn2024specificity,
 author = {MDN Web Docs},
 title = {{CSS specificity}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/CSS/Specificity}},
 year = {2024}
}

@misc{Mdn2024sri,
 author = {MDN Web Docs},
 title = {{Subresource Integrity}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity}},
 year = {2025}
}

@misc{Mdn2024style,
 author = {MDN Web Docs},
 title = {{style attribute}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/HTML/Global_attributes/style}},
 year = {2024}
}

@misc{Mdn2024webkitscrollbar,
 author = {MDN Web Docs},
 title = {{::-webkit-scrollbar}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/CSS/::-webkit-scrollbar}},
 year = {2024}
}

@misc{Mdn2025cache,
 author = {MDN Web Docs},
 title = {HTTP caching},
 url = {{https://developer.mozilla.org/de/docs/Web/HTTP/Guides/Caching}},
 year = {2025}
}

@misc{Mdn2025fragment,
 author = {MDN Web Docs},
 title = {{URI fragment}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/URI/Reference/Fragment}},
 year = {2025}
}

@misc{Mdn2025webauthn,
 author = {MDN Web Docs},
 title = {{Web Authentication API}},
 url = {{https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API}},
 year = {2025}
}

@misc{Mdn2025webextensions,
 author = {MDN Web Docs},
 title = {{Browser extensions}},
 url = {{https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions}},
 year = {2025}
}

@article{Mehrnezhad2016,
 author = {Mehrnezhad, Maryam and Toreini, Ehsan and Shahandashti, Siamak F and Hao, Feng},
 journal = {Journal of Information Security and Applications},
 title = {Touchsignatures: identification of user touch actions and pins based on mobile sensor data via javascript},
 year = {2016}
}

@inproceedings{Meissner2021WAIT,
 author = {Mei\ss{}ner, Echo and Kargl, Frank and Erb, Benjamin},
 booktitle = {Proceedings of the Annual ACM Symposium on Applied Computing},
 doi = {10.1145/3412841.3442143},
 isbn = {9781450381048},
 keyword = {integrity, transparency, web application},
 location = {Virtual Event, Republic of Korea},
 numpages = {4},
 series = {SAC '21},
 title = {WAIT: Protecting the Integrity of Web Applications with Binary-Equivalent Transparency},
 url = {https://doi.org/10.1145/3412841.3442143},
 year = {2021}
}

@misc{meixler2024issue,
 author = {{GitHub User - meixler}},
 title = {{GitHub Issue 311 - Meta Code Verify}},
 url = {https://github.com/facebookincubator/meta-code-verify/issues/311},
 year = {2024}
}

@inproceedings{melara2015coniks,
 author = {Melara, Marcela S and Blankstein, Aaron and Bonneau, Joseph and Felten, Edward W and Freedman, Michael J},
 booktitle = {{USENIX} Security Symposium},
 title = {$\{$CONIKS$\}$: Bringing key transparency to end users},
 year = {2015}
}

@inproceedings{Melicher2016,
 author = {Melicher, William and Ur, Blase and Segreti, Sean M. and Komanduri, Saranga and Bauer, Lujo and Christin, Nicolas and Cranor, Lorrie Faith},
 booktitle = {USENIX Security Symposium},
 title = {{Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks}},
 year = {2016}
}

@misc{MeltdownGithub,
 author = {IAIK},
 title = {{Meltdown Proof-of-Concept (GitHub)}},
 url = {https://github.com/IAIK/meltdown},
 year = {2019}
}

@inproceedings{Mendelson2019secure,
 author = {Mendelson, Avi},
 booktitle = {System-on-Chip Conference (SOCC)},
 title = {Secure Speculative Core},
 year = {2019}
}

@inproceedings{Mendis2019ithemal,
 author = {Mendis, Charith and Renda, Alex and Amarasinghe, Saman and Carbin, Michael},
 booktitle = {ICML},
 title = {Ithemal: Accurate, portable and fast basic block throughput estimation using deep neural networks},
 year = {2019}
}

@inproceedings{Mendoncca2008,
 author = {Mendon{\c{c}}a, Manuel and Neves, Nuno},
 booktitle = {{IEEE EDCC}},
 title = {{Fuzzing wi-fi drivers to locate security vulnerabilities}},
 year = {2008}
}

@book{menezes2018handbook,
 author = {Menezes, Alfred J and Van Oorschot, Paul C and Vanstone, Scott A},
 publisher = {CRC press},
 title = {{Handbook of applied cryptography}},
 year = {2018}
}

@misc{Mengs2019Logitech,
 author = {{Marcus Mengs}},
 title = {{Summary / Overview of known Logitech wireless peripheral vulnerabilities}},
 url = {https://github.com/mame82/misc/blob/5e7f02962b5556a03aa6d4277c8618e536117f7b/logitech_vuln_summary.md},
 year = {2019}
}

@article{Mercier2010,
 author = {Mercier, Hugues and Bhargava, Vijay K and Tarokh, Vahid},
 journal = {IEEE Communications Surveys \& Tutorials},
 number = {December},
 pages = {87--96},
 title = {A survey of error-correcting codes for channels with symbol synchronization errors},
 volume = {1},
 year = {2010}
}

@article{Merkel2014Docker,
 author = {Merkel, Dirk},
 journal = {Linux Journal},
 title = {Docker: lightweight linux containers for consistent development and deployment},
 year = {2014}
}

@inproceedings{Merli2011,
 author = {Merli, Dominik and Schuster, Dieter and Stumpf, Frederic and Sigl, Georg},
 booktitle = {Proceedings of the 4th International Conference on Trust and Trustworthy Computing},
 pages = {33--47},
 title = {{Side-Channel Analysis of PUFs and Fuzzy Extractors}},
 year = {2011}
}

@inbook{Messerges2000,
 author = {Messerges, Thomas S.},
 booktitle = {CHES'2000},
 title = {{Using Second-Order Power Analysis to Attack DPA Resistant Software}},
 year = {2000}
}

@misc{Meta2022codeverify,
 author = {{Meta}},
 title = {{Code Verify: An open source browser extension for verifying code authenticity on the web}},
 url = {https://engineering.fb.com/2022/03/10/security/code-verify/},
 year = {2022}
}

@misc{Meta2022codeverifysource,
 author = {{Meta}},
 title = {{Code Verify on GitHub}},
 url = {https://github.com/facebookincubator/meta-code-verify},
 year = {2022}
}

@misc{MetasploitGithub,
 author = {Rapid7},
 title = {{Metasploit Framework}},
 url = {https://github.com/rapid7/metasploit-framework},
 year = {2020}
}

@inproceedings{meulemeester2025Badram,
 author = {De Meulemeester, Jesse and Wilke, Luca and Oswald, David and Eisenbarth, Thomas and Verbauwhede, Ingrid and Van Bulck, Jo},
 booktitle = {S\&P},
 title = {{BadRAM}: Practical Memory Aliasing Attacks on Trusted Execution Environments},
 year = {2025}
}

@inproceedings{meyer2014revisiting,
 address = {San Diego, CA},
 author = {Christopher Meyer and Juraj Somorovsky and Eugen Weiss and J{\"o}rg Schwenk and Sebastian Schinzel and Erik Tews},
 booktitle = {23rd {USENIX} Security Symposium ({USENIX} Security 14)},
 isbn = {978-1-931971-15-7},
 month = {August},
 pages = {733--748},
 publisher = {{USENIX} Association},
 title = {{Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks}},
 url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/meyer},
 year = {2014}
}

@inproceedings{Meyerovich2010,
 author = {Meyerovich, Leo A and Livshits, Benjamin},
 booktitle = {{S\&P'10}},
 title = {{ConScript: Specifying and enforcing fine-grained security policies for Javascript in the browser}},
 year = {2010}
}

@misc{Miagkov2015,
 author = {Alexei Miagkov},
 title = {{Chameleon - Browser fingerprinting protection for everybody}},
 url = {https://github.com/ghostwords/chameleon},
 year = {2015}
}

@misc{MicronDDR4,
 author = {Micron Technology, Inc.},
 title = {DDR4 SDRAM: MT40A1G4, MT40A512M8, MT40A256M16},
 url = {http://www.micron.com/~/media/documents/products/data-sheet/dram/ddr4/4gb_ddr4_sdram.pdf},
 year = {2014}
}

@misc{MicronTN-46-09,
 author = {Micron},
 title = {{Designing for 1Gb DDR SDRAM}},
 url = {https://www.micron.com/~/media/documents/products/technical-note/dram/tn4609.pdf},
 year = {2003}
}

@misc{microsoft2014word,
 author = {Microsoft},
 title = {{Word 2007 HTML and CSS Rendering Capabilities in Outlook 2007 (Part 1 of 2)}},
 url = {{https://learn.microsoft.com/en-us/previous-versions/office/developer/office-2007/aa338201(v=office.12)}},
 year = {2014}
}

@misc{Microsoft2018edge,
 author = {{Microsoft}},
 title = {{Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer}},
 year = {2018}
}

@misc{Microsoft2018HyperV,
 author = {{Microsoft Techcommunity}},
 title = {{Hyper-V HyperClear Mitigation for L1 Terminal Fault}},
 url = {https://techcommunity.microsoft.com/t5/Virtualization/Hyper-V-HyperClear-Mitigation-for-L1-Terminal-Fault/ba-p/382429},
 year = {2018}
}

@misc{Microsoft2018Spectre,
 author = {Andrew Pardoe},
 title = {Spectre mitigations in {MSVC}},
 year = {2018}
}

@misc{Microsoft2019Azure,
 author = {{Microsoft}},
 title = {{Azure serverless computing}},
 url = {https://azure.microsoft.com/en-us/overview/serverless-computing/},
 year = {2019}
}

@misc{Microsoft2019retpoline,
 author = {Microsoft Corp.},
 url = {https://support.microsoft.com/en-us/help/4482887/windows-10-update-kb4482887},
 year = {2019}
}

@misc{Microsoft2020OneFuzz,
 author = {{Microsoft Security Blog}},
 howpublished = {\url{https://www.microsoft.com/en-us/security/blog/2020/09/15/microsoft-onefuzz-framework-open-source-developer-tool-fix-bugs/}},
 title = {Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale},
 year = {2020}
}

@misc{Microsoft2021vbs,
 author = {{Microsoft}},
 title = {Virtualization-based Security (VBS)},
 url = {https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-vbs},
 year = {2021}
}

@misc{microsoft2022gill,
 author = {Microsoft},
 title = {{Gill Sans MT font family}},
 url = {{https://learn.microsoft.com/en-us/typography/font-list/gill-sans-mt}},
 year = {2022}
}

@misc{Microsoft2022HIDArch,
 author = {{Microsoft}},
 title = {{HID Architecture}},
 url = {https://learn.microsoft.com/en-us/windows-hardware/drivers/hid/hid-architecture#hid-clients-supported-in-windows},
 year = {2022}
}

@misc{microsoft2022leelawadee,
 author = {Microsoft},
 title = {{Leelawadee font family}},
 url = {{https://learn.microsoft.com/en-us/typography/font-list/leelawadee}},
 year = {2022}
}

@misc{microsoft2022win11fonts,
 author = {Microsoft},
 title = {{Windows 11 font list}},
 url = {{https://learn.microsoft.com/en-us/typography/fonts/windows_11_font_list}},
 year = {2022}
}

@misc{microsoft2023proxy,
 author = {Microsoft},
 title = {{Outlook for iOS and Android in Exchange Online: FAQ}},
 url = {{https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-for-ios-and-android/outlook-for-ios-and-android-faq#q-does-outlook-for-ios-and-android-support-proxy-configurations}},
 year = {2023}
}

@misc{Microsoft2023screen,
 author = {Microsoft},
 title = {{Copy the window or screen contents}},
 url = {https://support.microsoft.com/en-us/office/copy-the-window-or-screen-contents-98c41969-51e5-45e1-be36-fb9381b32bb7},
 year = {2023}
}

@misc{Microsoft2023voice,
 author = {Microsoft},
 title = {{Use voice typing to talk instead of type on your PC}},
 url = {https://support.microsoft.com/en-us/windows/use-voice-typing-to-talk-instead-of-type-on-your-pc-fec94565-c4bd-329d-e59a-af033fa5689f},
 year = {2023}
}

@misc{Microsoft_Docker,
 author = {Microsoft},
 month = {10},
 title = {Create a Docker environment in Azure using the Docker VM extension},
 url = {https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-linux-dockerextension/},
 year = {2016}
}

@misc{MicrosoftAzureRDMA,
 author = {{Microsoft Azure}},
 title = {{High performance compute VM sizes}},
 url = {https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes-hpc},
 year = {2018}
}

@misc{MicrosoftMADT2016,
 author = {Microsoft},
 month = {July},
 title = {ACPI system description tables},
 url = {https://msdn.microsoft.com/en-us/windows/hardware/drivers/bringup/acpi-system-description-tables#madt},
 year = {2016}
}

@misc{MicrosoftMSRC,
 author = {Simon Pope},
 title = {{Inside the MSRC - Customer-centric incident response}},
 url = {https://msrc-blog.microsoft.com/2019/06/25/inside-the-msrc-customer-centric-incident-response/},
 year = {2019}
}

@inproceedings{Miedl2020,
 author = {Miedl, Philipp and Klopott, Bruno and Thiele, Lothar},
 booktitle = {Proceedings of the 2020 Design, Automation \& Test in Europe Conference \& Exhibition (DATE)},
 title = {{Increased reproducibility and comparability of data leak evaluations using ExOT}},
 year = {2020}
}

@article{Milburn2022lfence,
 author = {Milburn, Alyssa and Sun, Ke and Kawakami, Henrique},
 journal = {arXiv:2203.04277},
 title = {You cannot always win the race: Analyzing the lfence/jmp mitigation for branch target injection},
 year = {2022}
}

@online{Milkv2023Pioneer,
 author = {Milk-V},
 title = {{Milk-V Pioneer}},
 url = {https://milkv.io/pioneer},
 year = {2023}
}

@article{miller1990empirical,
 author = {Miller, Barton P and Fredriksen, Lars and So, Bryan},
 journal = {Communications of the ACM},
 title = {An empirical study of the reliability of UNIX utilities},
 year = {1990}
}

@techreport{Miller1995,
 author = {Miller, Barton P and Koski, David and Lee, Cjin Pheow and Maganty, Vivekananda and Murthy, Ravi and Natarajan, Ajitkumar and Steidl, Jeff},
 institution = {University of Wisconsin},
 title = {{Fuzz revisited: A re-examination of the reliability of UNIX utilities and services}},
 year = {1995}
}

@misc{Miller2004safely,
 author = {Miller, Matt},
 title = {Safely Searching Process Virtual Address Space},
 year = {2004}
}

@inproceedings{Miller2006,
 author = {Miller, Barton P and Cooksey, Gregory and Moore, Fredrick},
 booktitle = {1st International Workshop on Random Testing},
 title = {An empirical study of the robustness of macos applications using random testing},
 year = {2006}
}

@misc{Miller2018taxonomy,
 author = {Miller, Matt},
 title = {{Mitigating speculative execution side channel hardware vulnerabilities}},
 year = {2018}
}

@article{Miller2019Bluehat,
 author = {Miller, Matt},
 journal = {Bluehat IL},
 month = {February},
 title = {{Trends, challenges, and strategic shifts in the software vulnerability mitigation landscape}},
 year = {2019}
}

@article{Miller2022Fuzz,
 author = {Barton P. Miller and Mengxiao Zhang and Elisa R. Heymann},
 journal = {IEEE Transactions on Software Engineering},
 title = {The Relevance of Classic Fuzz Testing: Have We Solved This One?},
 volume = {48},
 year = {2022}
}

@techreport{Mills1985,
 author = {Mills, David and others},
 institution = {RFC-958, M/A-COM Linkabit},
 title = {{Network Time Protocol}},
 year = {1985}
}

@inproceedings{Milos2009,
 author = {Mi{\l}{\'o}s, Grzegorz and Murray, Derek G and Hand, Steven and Fetterman, Michael A},
 booktitle = {{USENIX ATC}},
 title = {{Satori: Enlightened page sharing}},
 year = {2009}
}

@inproceedings{Ming2015,
 author = {Jiang Ming and Dinghao Wu and Gaoyao Xiao and Jun Wang and Peng Liu},
 booktitle = {{USENIX Security Symposium}},
 title = {TaintPipe: Pipelined Symbolic Taint Analysis},
 year = {2015}
}

@article{Minkin2019,
 author = {Minkin, Marina and Moghimi, Daniel and Lipp, Moritz and Schwarz, Michael and van Bulck, Jo and Genkin, Daniel and Gruss, Daniel and Sunar, Berk and Piessens, Frank and Yarom, Yuval},
 journal = {arXiv:1905.12701},
 title = {{Fallout: Reading Kernel Writes From User Space}},
 year = {2019}
}

@inproceedings{Mirbagher2020perspectron,
 author = {Mirbagher-Ajorpaz, Samira and Pokam, Gilles and Mohammadian-Koruyeh, Esmaeil and Garza, Elba and Abu-Ghazaleh, Nael and Jim{\'e}nez, Daniel A},
 booktitle = {{IEEE MICRO}},
 title = {Perspectron: Detecting invariant footprints of microarchitectural attacks with perceptron},
 year = {2020}
}

@inproceedings{mishra2018shredder,
 author = {Mishra, Shachee and Polychronakis, Michalis},
 booktitle = {{ACSAC}},
 title = {Shredder: Breaking exploits through API specialization},
 year = {2018}
}

@book{mitchell2005trusted,
 author = {Mitchell, Chris},
 publisher = {Iet},
 title = {{Trusted computing}},
 volume = {6},
 year = {2005}
}

@misc{Mitchell2020RyzenSoftwareOptimization,
 author = {{Mitchell, Kenneth}},
 title = {{AMD Ryzen Processor Software Optimization}},
 year = {2020}
}

@misc{Mitre,
 author = {{The MITRE Corporation}},
 title = {Common Vulnerabilities and Exposures},
 url = {http://cve.mitre.org/}
}

@misc{Miura2003buffer,
 author = {Miura, Shuuichi and Kurosawa, Kenichi and Nakamikawa, Tetsuaki and Hirose, Kenji},
 month = {September},
 note = {US Patent 65,345,560},
 publisher = {Google Patents},
 title = {Prefetch Buffer and Information Processing System Using the Same},
 year = {1994}
}

@article{Mockapetris1987,
 author = {Mockapetris, Paul V},
 title = {{Domain names-concepts and facilities}},
 year = {1987}
}

@inproceedings{Mogage2019SGX,
 author = {Mogage, Andrei and Pires, Rafael and Cr{\u{a}}ciun, Vlad and Felber, Pascal and Onica, Emanuel},
 booktitle = {SRDS},
 title = {Supply chain malware targets SGX: Take care of what you sign (Practical Experience Report)},
 year = {2019}
}

@inproceedings{Moghimi2017,
 author = {Moghimi, Ahmad and Irazoqui, Gorka and Eisenbarth, Thomas},
 booktitle = {{CHES}},
 title = {{Cache\-zoom: How SGX amplifies the power of cache attacks}},
 year = {2017}
}

@inproceedings{Moghimi2018,
 author = {Moghimi, Ahmad and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {CT-RSA},
 title = {{MemJam: A False Dependency Attack against Constant-Time Crypto Implementations in SGX}},
 year = {2018}
}

@inproceedings{Moghimi2020copycat,
 author = {Daniel Moghimi and Jo Van Bulck and Nadia Heninger and Frank Piessens and Berk Sunar},
 booktitle = {{USENIX Security Symposium}},
 title = {{CopyCat: Controlled Instruction-Level Attacks on Enclaves for Maximal Key Extraction}},
 year = {2020}
}

@article{Moghimi2020data,
 author = {Moghimi, Daniel},
 journal = {arXiv preprint arXiv:2007.07428},
 title = {Data Sampling on MDS-resistant 10th Generation Intel Core (Ice Lake)},
 year = {2020}
}

@inproceedings{Moghimi2020medusa,
 author = {Moghimi, Daniel and Lipp, Moritz and Sunar, Berk and Schwarz, Michael},
 booktitle = {{USENIX Security Symposium}},
 title = {{Medusa: Microarchitectural Data Leakage via Automated Attack Synthesis}},
 year = {2020}
}

@inproceedings{Moghimi2023downfall,
 author = {Moghimi, Daniel},
 booktitle = {{USENIX Security}},
 title = {Downfall: Exploiting Speculative Data Gathering},
 year = {2023}
}

@inproceedings{Mohammadmoradi2018Making,
 author = {Mohammadmoradi, Hessam and Gnawali, Omprakash},
 booktitle = {International Conference on Smart Digital Environment},
 title = {Making whitelisting-based defense work against badusb},
 year = {2018}
}

@inproceedings{Molka2010,
 author = {Molka, Daniel and Hackenberg, Daniel and Sch{\"o}ne, Robert and M{\"u}ller, Matthias S},
 booktitle = {{International Conference on Green Computing}},
 organization = {IEEE},
 title = {{Characterizing the Energy Consumption of Data Transfers and Arithmetic Operations on x86-64 Processors}},
 year = {2010}
}

@inproceedings{Molka2015cache,
 author = {Molka, Daniel and Hackenberg, Daniel and Sch{\"o}ne, Robert and Nagel, Wolfgang E},
 booktitle = {ICPP},
 title = {{Cache Coherence Protocol and Memory Performance of the Intel Haswell-EP Architecture}},
 year = {2015}
}

@inproceedings{Moll2018Partial,
 author = {Simon Moll and Sebastian Hack},
 booktitle = {{Proceedings of the 39th Conference on Programming Language Design and Implementation}},
 doi = {10.1145/3192366.3192413},
 pages = {543--556},
 publisher = {{ACM}},
 title = {{Partial control-flow linearization}},
 year = {2018}
}

@article{Mollick2023AI,
 author = {Mollick, Ethan R and Mollick, Lilach},
 journal = {The Wharton School Research Paper},
 title = {Using AI to implement effective teaching strategies in classrooms: Five strategies, including prompts},
 year = {2023}
}

@inproceedings{molnar2005program,
 author = {Molnar, David and Piotrowski, Matt and Schultz, David and Wagner, David},
 booktitle = {International Conference on Information Security and Cryptology},
 title = {{The program counter security model: Automatic detection and removal of control-flow side channel attacks}},
 year = {2005}
}

@misc{Molnar2017Kaslr,
 author = {Molnar, Ingor},
 title = {{x86: Enable KASLR by default}},
 url = {https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6807c84652b0b7e2e198e50a9ad47ef41b236e59},
 year = {2017}
}

@inproceedings{Monaco2018,
 author = {Monaco, John},
 booktitle = {{S\&P}},
 title = {{SoK: Keylogging Side Channels}},
 year = {2018}
}

@article{Moon1996EM,
 author = {Moon, Todd K},
 journal = {IEEE Signal processing magazine},
 number = {6},
 title = {The expectation-maximization algorithm},
 volume = {13},
 year = {1996}
}

@inproceedings{Morbitzer2018severed,
 author = {Morbitzer, Mathias and Huber, Manuel and Horsch, Julian and Wessel, Sascha},
 booktitle = {EuroSec},
 title = {Severed: Subverting amd's virtual machine encryption},
 year = {2018}
}

@inproceedings{Morgan2025slice,
 author = {Morgan, Bradley and Horowitz, Gal and O'Connell, Sioli and van Schaik, Stephan and Chuengsatiansup, Chitchanok and Genkin, Daniel and Maennel, Olaf and Montague, Paul and Ronen, Eyal and Yarom, Yuval},
 booktitle = {S\&P},
 title = {Slice+Slice Baby: Generating Last-Level Cache Eviction Sets in the Blink of an Eye},
 year = {2025}
}

@misc{Morton2015Pagemap,
 author = {Andrew Morton},
 title = {{[RFC][PATCH 1/2] fs proc: make pagemap a privileged interface}},
 url = {https://lore.kernel.org/all/20150312153533.d1c6083e4a9e7825b1a4bc64@linux-foundation.org/},
 year = {2015}
}

@inproceedings{moser2007limits,
 author = {Moser, Andreas and Kruegel, Christopher and Kirda, Engin},
 booktitle = {ACSAC},
 title = {Limits of static analysis for malware detection},
 year = {2007}
}

@article{mosier2025uspectre,
 author = {Mosier, Nicholas and Nemati, Hamed and Mitchell, John C and Trippel, Caroline},
 journal = {arXiv preprint},
 title = {Analyzing and Exploiting Branch Mispredictions in Microcode},
 year = {2025}
}

@misc{Mouton2012microTag,
 author = {Mouton, Louis-Marie Vincent and Huot, Nicolas Jean Phillippe and Grandou, Gilles Eric and Brochier, Stephane Eric Sebastian},
 note = {US Patent 8,151,055},
 publisher = {Google Patents},
 title = {Cache accessing using a micro TAG},
 year = {2012}
}

@inproceedings{Mowery2011fingerprinting,
 author = {Mowery, Keaton and Bogenreif, Dillon and Yilek, Scott and Shacham, Hovav},
 booktitle = {{W2SP}},
 title = {{Fingerprinting information in JavaScript implementations}},
 year = {2011}
}

@inproceedings{Mowery2012,
 author = {Mowery, Keaton and Keelveedhi, Sriram and Shacham, Hovav},
 booktitle = {CCSW},
 title = {{Are AES x86 Cache Timing Attacks Still Feasible?}},
 year = {2012}
}

@inproceedings{Mowery2012pixel,
 author = {Mowery, Keaton and Shacham, Hovav},
 booktitle = {{W2SP}},
 title = {{Pixel Perfect: Fingerprinting Canvas in HTML5}},
 year = {2012}
}

@misc{Mozilla2016seccomp,
 author = {Mozilla.},
 month = {July},
 title = {{Seccomp filter in Android O}},
 url = {https://wiki.mozilla.org/Security/Sandbox/Seccomp},
 year = {2016}
}

@misc{Mozilla2017ArrayBuffer,
 author = {{Mozilla Developer Network}},
 title = {{ArrayBuffer}},
 url = {https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer},
 year = {2017}
}

@misc{Mozilla2017debugger,
 author = {{Mozilla Developer Network}},
 title = {{debugger}},
 url = {https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/debugger},
 year = {2017}
}

@misc{Mozilla2017jit,
 author = {Lin Clark},
 title = {{A crash course in just-in-time (JIT) compilers}},
 url = {https://hacks.mozilla.org/2017/02/a-crash-course-in-just-in-time-jit-compilers/},
 year = {2017}
}

@misc{Mozilla2017Proxy,
 author = {{Mozilla Developer Network}},
 title = {{Proxy}},
 url = {https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/Proxy},
 year = {2017}
}

@misc{Mozilla2018private,
 author = {Mozilla},
 title = {{Private Browsing - Use Firefox without saving history}},
 url = {https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history},
 year = {2018}
}

@misc{Mozilla2019IndexMasking,
 author = {{Mozilla}},
 title = {{Index Masking in Firefox}},
 url = {https://bugzilla.mozilla.org/show_bug.cgi?id=1430051},
 year = {2019}
}

@misc{Mozilla2019JSAPI,
 author = {{Mozilla}},
 title = {{JS API Reference}},
 url = {https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_reference},
 year = {2019}
}

@misc{Mozilla2019LowResolutionTimer,
 author = {{Mozilla}},
 title = {{performance.now resolution}},
 url = {https://developer.mozilla.org/en-US/docs/Web/API/Performance/now},
 year = {2019}
}

@misc{Mozilla2019Spidermonkey,
 author = {{Mozilla}},
 title = {{Getting SpiderMonkey source code}},
 url = {https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/Getting_SpiderMonkey_source_code#Getting_the_latest_SpiderMonkey_source_code},
 year = {2019}
}

@misc{Mozilla2021Fuzzing,
 author = {{Mozilla Attack \& Defense}},
 howpublished = {\url{https://blog.mozilla.org/attack-and-defense/2021/05/20/browser-fuzzing-at-mozilla/}},
 title = {Browser fuzzing at Mozilla},
 year = {2021}
}

@misc{Mozilla2023Clipboard,
 author = {{Mozilla}},
 title = {{Clipboard API}},
 url = {https://developer.mozilla.org/en-US/docs/Web/API/Clipboard/},
 year = {2023}
}

@misc{Mozilla2023PermissionsPolicy,
 author = {{Mozilla}},
 title = {{Permissions Policy}},
 url = {https://developer.mozilla.org/en-US/docs/Web/HTTP/Permissions_Policy},
 year = {2023}
}

@misc{Mozilla2023Referer,
 author = {{Mozilla}},
 title = {{Referer}},
 url = {https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer},
 year = {2023}
}

@misc{Mozilla2023SecureContext,
 author = {{Mozilla}},
 title = {{Secure Context}},
 url = {https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts},
 year = {2023}
}

@misc{Mozilla2023StandardPositions,
 author = {{Mozilla}},
 title = {{Standard Positions}},
 url = {https://mozilla.github.io/standards-positions/#webhid},
 year = {2023}
}

@misc{Mozilla2023UserActivation,
 author = {{Mozilla}},
 title = {{User Activation}},
 url = {https://developer.mozilla.org/en-US/docs/Web/Security/User_activation},
 year = {2023}
}

@misc{Mozilla2023WebBluetooth,
 author = {{Mozilla}},
 title = {{WebBluetooth}},
 url = {https://developer.mozilla.org/en-US/docs/Web/API/Web_Bluetooth_API},
 year = {2023}
}

@misc{Mozilla2023WebHID,
 author = {{Mozilla}},
 title = {{WebHID}},
 url = {https://developer.mozilla.org/en-US/docs/Web/API/WebHID_API},
 year = {2023}
}

@misc{Mozilla2023WebMIDI,
 author = {{Mozilla}},
 title = {{WebSerial}},
 url = {https://developer.mozilla.org/en-US/docs/Web/API/Web_MIDI_API},
 year = {2023}
}

@misc{Mozilla2023WebSerial,
 author = {{Mozilla}},
 title = {{WebSerial}},
 url = {https://developer.mozilla.org/en-US/docs/Web/API/Web_Serial_API},
 year = {2023}
}

@misc{Mozilla2023WebUSB,
 author = {{Mozilla}},
 title = {{WebSerial}},
 url = {https://developer.mozilla.org/en-US/docs/Web/API/USB},
 year = {2023}
}

@misc{mozilla2024disable,
 author = {{Mozilla}},
 title = {{JavaScript settings and preferences for interactive web pages}},
 url = {https://support.mozilla.org/en-US/kb/javascript-settings-for-interactive-web-pages},
 year = {2024}
}

@misc{Mozilla2024PWA,
 author = {{Mozilla}},
 title = {{Progressive web apps}},
 url = {https://developer.mozilla.org/en-US/docs/Web/Progressive_web_apps},
 year = {2024}
}

@misc{Mozilla2024Sitepermission,
 author = {{Mozilla}},
 title = {{Site Permission Add-ons}},
 url = {https://support.mozilla.org/en-US/kb/site-permission-add-ons},
 year = {2024}
}

@misc{MozillaAPIOverview,
 author = {{Mozilla}},
 title = {{Web APIs}},
 url = {https://developer.mozilla.org/en-US/docs/Web/API},
 year = {2023}
}

@misc{MozillaBug2015,
 author = {{Boris Zbarsky}},
 title = {{Reduce resolution of performance.now.}},
 url = {https://hg.mozilla.org/integration/mozilla-inbound/rev/48ae8b5e62ab},
 year = {2015}
}

@misc{MPK2017manpage,
 author = {{Kerrisk, Michael}},
 month = {September},
 title = {{Linux Programmer's Manual PKEYS(7)}},
 url = {http://man7.org/linux/man-pages/man7/pkeys.7.html},
 year = {2017}
}

@misc{MS2024OpenTypeOverview,
 author = {{Microsoft}},
 note = {Retrieved 2024-04-24},
 title = {{OpenType Overview}},
 url = {https://learn.microsoft.com/en-us/typography/opentype/},
 year = {2024}
}

@misc{MS2024OpenTypeSpec,
 author = {{Microsoft}},
 note = {Retrieved 2024-04-24},
 title = {{OpenType Font Specification}},
 url = {https://learn.microsoft.com/en-us/typography/opentype/spec/},
 year = {2024}
}

@misc{MS2024OpenTypeSpecMaxP,
 author = {{Microsoft}},
 note = {Retrieved 2024-04-24},
 title = {{OpenType Font Specification: maxp -- Maximum Profile}},
 url = {https://learn.microsoft.com/en-us/typography/opentype/spec/maxp},
 year = {2024}
}

@misc{MSDN2018desktop,
 author = {Microsoft},
 month = {July},
 title = {Windows desktop applications},
 url = {https://msdn.microsoft.com/en-us/library/windows/desktop/aa906039.aspx},
 year = {2018}
}

@misc{MSDN2018stackusage,
 author = {Microsoft},
 month = {December},
 title = {x64 stack usage},
 url = {https://docs.microsoft.com/en-us/cpp/build/stack-usage?view=vs-2017},
 year = {2018}
}

@inproceedings{Msgna2014,
 author = {Msgna, Mehari and Markantonakis, Konstantinos and Mayes, Keith},
 booktitle = {International Conference on Information Security Practice and Experience},
 title = {{Precise Instruction-Level Side Channel Profiling of Embedded Processors}},
 year = {2014}
}

@inproceedings{Mueller2017Sok,
 author = {Müller, Jens and Mladenov, Vladislav and Somorovsky, Juraj and Schwenk, Jörg},
 booktitle = {S\&P},
 title = {SoK: Exploiting Network Printers},
 year = {2017}
}

@inproceedings{Mueller2019Dangers,
 author = {Mueller, Tobias and Klotzsche, Daniel and Herrmann, Dominik and Federrath, Hannes},
 booktitle = {International Conference on Software, Telecommunications and Computer Networks (SoftCOM)},
 title = {Dangers and Prevalence of Unprotected Web Fonts},
 year = {2019}
}

@incollection{Muijrers2011,
 author = {Muijrers, Ruben A and van Woudenberg, Jasper GJ and Batina, Lejla},
 booktitle = {International Conference on Smart Card Research and Advanced Applications},
 organization = {Springer},
 title = {RAM: Rapid alignment method},
 year = {2011}
}

@inproceedings{Muir2006,
 author = {Muir, James A},
 booktitle = {{International Conference on Information and Communications Security}},
 title = {{Seifert’s RSA fault attack: Simplified analysis and generalizations}},
 year = {2006}
}

@inproceedings{Mulder2019,
 author = {Mulder, Elke De and Gummalla, Samatha and Hutter, Michael},
 booktitle = {ACM Design Automation Conference},
 title = {{INVITED: Protecting RISC-V against Side-Channel Attacks}},
 year = {2019}
}

@inproceedings{Muller2011,
 author = {M\"{u}ller, Tilo and Freiling, Felix C. and Dewald, Andreas},
 booktitle = {USENIX Security Symposium},
 title = {{TRESOR Runs Encryption Securely Outside RAM}},
 year = {2011}
}

@inproceedings{muller2011tresor,
 author = {M{\"u}ller, Tilo and Freiling, Felix C and Dewald, Andreas},
 booktitle = {{USENIX Security}},
 title = {{TRESOR Runs Encryption Securely Outside RAM}},
 year = {2011}
}

@article{muller2018kpti,
 author = {M{\"u}ller, Lars},
 journal = {WAMOS},
 title = {Kpti a mitigation method against meltdown},
 year = {2018}
}

@inproceedings{muller2019johnny,
 author = {M{\"u}ller, Jens and Brinkmann, Marcus and Poddebniak, Damian and Bock, Hanno and Schinzel, Sebastian and Somorovsky, Juraj and Schwenk, J{\"o}rg},
 booktitle = {{USENIX}},
 title = {Johnny you are fired!”--spoofing OpenPGP and S/MIME signatures in Emails},
 year = {2019}
}

@inproceedings{muller2019re,
 author = {M{\"u}ller, Jens and Brinkmann, Marcus and Poddebniak, Damian and Schinzel, Sebastian and Schwenk, J{\"o}rg},
 booktitle = {{ACNS }},
 title = {Re: What`s Up Johnny? Covert Content Attacks on Email End-to-End Encryption},
 year = {2019}
}

@inproceedings{muller2020mailto,
 author = {M{\"u}ller, Jens and Brinkmann, Marcus and Poddebniak, Damian and Schinzel, Sebastian and Schwenk, J{\"o}rg},
 booktitle = {{IEEE Conference on Communications and Network Security (CNS)}},
 title = {Mailto: Me your secrets. on bugs and features in email end-to-end encryption},
 year = {2020}
}

@article{mulliner2015breaking,
 author = {Mulliner, Collin and Neugschwandtner, Matthias},
 journal = {BlackHat USA},
 month = {August},
 title = {Breaking Payloads with Runtime Code Stripping and Image Freezing},
 year = {2015}
}

@inproceedings{Murakami2010,
 author = {Murakami, Tomosuke and Kasahara, Ryuta and Saito, Takamichi},
 booktitle = {Proceedings of the 10th International Symposium on Communications and Information Technologies},
 month = {10},
 pages = {534--538},
 publisher = {Ieee},
 title = {{An implementation and its evaluation of password cracking tool parallelized on GPGPU}},
 year = {2010}
}

@inproceedings{Murdoch2005,
 author = {Murdoch, Steven J and Lewis, Stephen},
 booktitle = {Proceedings of the 7th International Workshop of Information Hiding},
 pages = {247--261},
 title = {{Embedding Covert Channels into TCP/IP}},
 year = {2005}
}

@inproceedings{Murdoch2006,
 author = {Murdoch, Steven J},
 booktitle = {CCS'06},
 title = {{Hot or Not: Revealing Hidden Services by their Clock Skew}},
 year = {2006}
}

@article{murdock1994overview,
 author = {Murdock, Ian},
 journal = {Linux Journal},
 title = {Overview of the Debian GNU/Linux system},
 year = {1994}
}

@inproceedings{Murdock2019plundervolt,
 author = {Murdock, Kit and Oswald, David and Garcia, Flavio D. and Van Bulck, Jo and Gruss, Daniel and Piessens, Frank},
 booktitle = {{S\&P}},
 title = {{Plundervolt: Software-based Fault Injection Attacks against Intel SGX}},
 year = {2020}
}

@article{mus2022jolt,
 author = {Mus, Koksal and Dor{\"o}z, Yark{\i}n and Tol, M Caner and Rahman, Kristi and Sunar, Berk},
 journal = {S\&P},
 title = {Jolt: Recovering TLS Signing Keys via Rowhammer Faults},
 year = {2023}
}

@inproceedings{Mushtaq2018nightswatch,
 author = {Mushtaq, Maria and Akram, Ayaz and Bhatti, Muhammad Khurram and Chaudhry, Maham and Lapotre, Vianney and Gogniat, Guy},
 booktitle = {HASP},
 title = {Nights-watch: A cache-based side-channel intrusion detector using hardware performance counters},
 year = {2018}
}

@article{Mushtaq2020,
 author = {Mushtaq, Maria and Bricq, Jeremy and Bhatti, Muhammad Khurram and Akram, Ayaz and Lapotre, Vianney and Gogniat, Guy and Benoit, Pascal},
 journal = {IEEE Access},
 title = {{WHISPER: A Tool for Run-time Detection of Side-Channel Attacks}},
 year = {2020}
}

@misc{Musl2022MuslLibc,
 author = {{musl authors}},
 title = {{musl libc}},
 url = {https://musl.libc.org/},
 year = {2022}
}

@inproceedings{Mutlu2003,
 author = {Mutlu, Onur and Stark, Jared and Wilkerson, Chris and Patt, Yale N},
 booktitle = {{HPCA}},
 title = {{Runahead execution: An alternative to very large instruction windows for out-of-order processors}},
 year = {2003}
}

@inproceedings{Mutlu2017rowhammer,
 author = {Mutlu, Onur},
 booktitle = {{Design, Automation \& Test in Europe Conference \& Exhibition (DATE)}},
 title = {{The {RowHammer} problem and other issues we may face as memory becomes denser}},
 year = {2017}
}

@article{mutlu2019rowhammer,
 author = {Mutlu, Onur and Kim, Jeremie S},
 journal = {IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems},
 title = {Rowhammer: A retrospective},
 year = {2019}
}

@misc{Mutton2014OCSP,
 author = {{Paul Mutton}},
 title = {{Certificate revocation: Why browsers remain affected by Heartbleed}},
 url = {https://news.netcraft.com/archives/2014/04/24/certificate-revocation-why-browsers-remain-affected-by-heartbleed.html},
 year = {2014}
}

@article{Myers2007,
 author = {Myers, Michael and Youndt, Stephen},
 journal = {Mega Security},
 title = {An introduction to hardware-assisted virtual machine ({HVM}) rootkits},
 year = {2007}
}

@inproceedings{Myers2017,
 author = {Myers, Mike},
 booktitle = {{PoC$|$GTFO}},
 title = {{Anti-Keylogging with Random Noise}},
 volume = {0x14},
 year = {2017}
}

@misc{MyLocDedicatedRoot,
 author = {myLoc managed IT},
 title = {The dedicated server in comparison},
 url = {https://www.myloc.de/en/server-hosting/dedicated-server/dedicated-server-comparison.html},
 year = {2018}
}

@misc{NaClpres,
 author = {{Chrome Developers}},
 note = {Retrieved on June 26, 2015},
 title = {{Native Client}},
 url = {https://developer.chrome.com/native-client}
}

@misc{NaClrev2014,
 author = {{Chrome Developers}},
 month = {September},
 note = {Retrieved on June 26, 2015},
 title = {{Native Client Revision 13809}},
 url = {http://src.chromium.org/viewvc/native_client?revision=13809&view=revision},
 year = {2014}
}

@inproceedings{Naghibijouybari2018,
 author = {Hoda Naghibijouybari and Ajaya Neupane and Zhiyun Qian and Nael Abu-Ghazaleh},
 booktitle = {{CCS}},
 title = {{Rendered Insecure: GPU Side Channel Attacks are Practical}},
 year = {2018}
}

@inproceedings{Nakaike2015,
 author = {Nakaike, Takuya and Odaira, Rei and Gaudet, Matthew and Michael, Maged M and Tomari, Hisanobu},
 booktitle = {ISCA},
 title = {{Quantitative comparison of Hardware Transactional Memory for Blue Gene/Q, zEnterprise EC12, Intel Core, and POWER8}},
 year = {2015}
}

@misc{Nakamura2003prefetcher,
 author = {Nakamura, Tomohiro},
 month = {October},
 note = {US Patent 6,636,945 B2},
 publisher = {Google Patents},
 title = {Hardware Prefetch System Based On Transfer Request Address Of Cache Miss Load Requests},
 year = {2003}
}

@manual{namespaces,
 month = {03},
 note = {Available at \url{http://man7.org/linux/man-pages/man7/namespaces.7.html}},
 title = {NAMESPACES(7) Linux Programmer's Manual},
 year = {2020}
}

@article{Narayan2020extended,
 author = {Narayan, Shravan and Disselkoen, Craig and Garfinkel, Tal and Froyd, Nathan and Rahm, Eric and Lerner, Sorin and Shacham, Hovav and Stefan, Deian},
 journal = {arXiv:2003.00572},
 title = {{Retrofitting Fine Grain Isolation in the Firefox Renderer (Extended Version)}},
 year = {2020}
}

@inproceedings{Narayan2020retrofitting,
 author = {Narayan, Shravan and Disselkoen, Craig and Garfinkel, Tal and Froyd, Nathan and Rahm, Eric and Lerner, Sorin and Shacham, Hovav and Stefan, Deian},
 booktitle = {{USENIX Security Symposium}},
 title = {{Retrofitting Fine Grain Isolation in the Firefox Renderer}},
 year = {2020}
}

@inproceedings{Narayan2021swivel,
 author = {Narayan, Shravan and Disselkoen, Craig and Moghimi, Daniel and Cauligi, Sunjay and Johnson, Evan and Gang, Zhao and Vahldiek-Oberwagner, Anjo and Sahita, Ravi and Shacham, Hovav and Tullsen, Dean and Stefan, Deian},
 booktitle = {USENIX Security Symposium},
 title = {Swivel: Hardening WebAssembly against Spectre},
 year = {2021}
}

@inproceedings{Negi2021usb,
 author = {Negi, Arun and Rathore, Santosh Singh and Sadhya, Debanjan},
 booktitle = {International Conference on Signal Processing and Integrated Networks (SPIN)},
 title = {USB Keypress Injection Attack Detection via Free-Text Keystroke Dynamics},
 year = {2021}
}

@inproceedings{Neisse2011,
 author = {Neisse, Ricardo and Holling, Dominik and Pretschner, Alexander},
 booktitle = {Proceedings of the 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid'11)},
 month = {May},
 pages = {524--533},
 title = {{Implementing Trust in Cloud Infrastructures}},
 year = {2011}
}

@article{nemati2020speculative,
 author = {Nemati, Hamed and Guanciale, Roberto and Buiras, Pablo and Lindner, Andreas},
 journal = {arXiv preprint arXiv:2007.06865},
 title = {Speculative leakage in ARM cortex-a53},
 year = {2020}
}

@inproceedings{Nemeth2015egghunt,
 author = {N{\'e}meth, Zolt{\'a}n L and Erd{\H{o}}di, L{\'a}szl{\'o}},
 booktitle = {Intelligent Systems and Informatics (SISY)},
 title = {When every byte counts - Writing minimal length shellcodes},
 year = {2015}
}

@manual{NeoverseN1manual,
 organization = {Arm Limited},
 title = {{Arm Neoverse N1 Core Technical Reference Manual Revision r3p1}},
 year = {2019}
}

@misc{Nergal2001ret2libc,
 author = {Nergal},
 title = {{The advanced return-into-lib(c) explits: PaX case study}},
 year = {2001}
}

@misc{netcupDedicatedRoot,
 author = {netcup},
 title = {Dedicated servers for professional applications},
 url = {https://www.netcup.eu/professional/dedizierte-server/},
 year = {2018}
}

@misc{nethercote2004dynamic,
 author = {Nethercote, Nicholas},
 title = {Dynamic binary analysis and instrumentation},
 year = {2004}
}

@inproceedings{Nethercote2007valgrind,
 author = {Nethercote, Nicholas and Seward, Julian},
 booktitle = {PLDI},
 title = {Valgrind: a framework for heavyweight dynamic binary instrumentation},
 year = {2007}
}

@inproceedings{Neuner2018Usblock,
 author = {Neuner, Sebastian and Voyiatzis, Artemios G and Fotopoulos, Spiros and Mulliner, Collin and Weippl, Edgar R},
 booktitle = {DBSec},
 title = {Usblock: Blocking usb-based keypress injection attacks},
 year = {2018}
}

@inproceedings{Neve2006a,
 author = {Neve, Michael and Seifert, Jean-Pierre},
 booktitle = {Selected Areas in Cryptography (SAC)},
 title = {{Advances on Access-Driven Cache Attacks on AES}},
 year = {2006}
}

@inproceedings{Neve2006refined,
 author = {Neve, Michael and Seifert, Jean-Pierre and Wang, Zhenghong},
 booktitle = {AsiaCCS'06},
 title = {{A refined look at Bernstein's AES side-channel analysis}},
 year = {2006}
}

@article{Newlin2016Mousejack,
 author = {Newlin, Marc},
 journal = {DEFCON},
 title = {MouseJack, KeySniffer and Beyond: Keystroke Sniffing and Injection Vulnerabilities in 2.4 GHz Wireless Mice and Keyboards},
 year = {2016}
}

@inproceedings{Newman2022Sigstore,
 author = {Newman, Zachary and Meyers, John Speed and Torres-Arias, Santiago},
 booktitle = {{CCS}},
 title = {Sigstore: Software Signing for Everybody},
 year = {2022}
}

@inproceedings{Newsome2005,
 author = {Newsome, James and Song, Dawn Xiaodong},
 booktitle = {{NDSS}},
 title = {{Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software.}},
 year = {2005}
}

@inproceedings{newsome2005dynamic,
 author = {Newsome, James and Song, Dawn Xiaodong},
 booktitle = {NDSS},
 title = {Dynamic taint analysis for automatic detection, analysis, and signaturegeneration of exploits on commodity software.},
 year = {2005}
}

@misc{nginxv1_23_3,
 author = {Sysoev, Igor and {F5 Inc.}},
 note = {Accessed 2024-08-03},
 title = {nginx v.1.23.3},
 url = {https://nginx.org/}
}

@phdthesis{Nguyen2014GroebnerSat,
 author = {Thanh Hung Nguyen},
 school = {Technische Universit{\"a}t Kaiserslautern},
 title = {{Combinations of Boolean Groebner Bases and SAT Solvers}},
 year = {2014}
}

@online{Nguyen2022Mul53,
 author = {Nguyen, Hoang Trung},
 title = {{Apple H10 Mul53 extension}},
 url = {https://gist.github.com/TrungNguyen1909/5b323edda9a21550a1621af506e8ce5f},
 year = {2022}
}

@inproceedings{niederer2025Stack,
 author = {Niederer, Silvan and Rüegge, Sandro and Hajiabadi, Ali and Razavi, Kaveh},
 booktitle = {MICRO},
 title = {{One Flew over the Stack Engine’s Nest: Practical Microarchitectural Attacks on the Stack Engine}},
 year = {2025}
}

@misc{Nielsen2006complexity,
 author = {Jakob Nielsen},
 title = {{Progressive Disclosure}},
 url = {https://www.nngroup.com/articles/progressive-disclosure/},
 year = {2006}
}

@article{Niemietz2012,
 author = {Niemietz, Marcus and Schwenk, J{\"o}rg},
 journal = {Black Hat Abu Dhabi},
 title = {{UI Redressing Attacks on Android Devices}},
 year = {2012}
}

@inproceedings{Nikiforakis2013cookieless,
 author = {Nikiforakis, Nick and Kapravelos, Alexandros and Joosen, Wouter and Kruegel, Christopher and Piessens, Frank and Vigna, Giovanni},
 booktitle = {{Security and privacy (SP)}},
 title = {{Cookieless monster: Exploring the ecosystem of web-based device fingerprinting}},
 year = {2013}
}

@inproceedings{Nikiforakis2015privaricator,
 author = {Nikiforakis, Nick and Joosen, Wouter and Livshits, Benjamin},
 booktitle = {{WWW}},
 title = {{Privaricator: Deceiving fingerprinters with little white lies}},
 year = {2015}
}

@article{Nilsson2020SGXSurvey,
 author = {Alexander Nilsson and {Nikbakht Bideh}, Pegah and Joakim Brorsson},
 journal = {arXiv preprint},
 title = {A Survey of Published Attacks on Intel SGX},
 year = {2020}
}

@techreport{Nir2018Chacha20,
 author = {Nir, Yoav and Langley, Adam},
 title = {ChaCha20 and Poly1305 for IETF Protocols},
 year = {2018}
}

@article{NisDirective2016,
 journal = {Official Journal of the European Union},
 title = {{Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union}},
 year = {2016}
}

@article{Nissim2017usb,
 author = {Nissim, Nir and Yahalom, Ran and Elovici, Yuval},
 journal = {Computers \& Security},
 title = {USB-based attacks},
 volume = {70},
 year = {2017}
}

@misc{nist2017cve20170199,
 author = {US National Vulnerability Database NVD (NIST)},
 title = {{CVE-2017-0199}},
 url = {{https://nvd.nist.gov/vuln/detail/CVE-2017-0199}},
 year = {2017}
}

@misc{Nist2019Lightweightrequirements,
 author = {National Institute of Standards and Technology},
 title = {Submission Requirements and Evaluation Criteria for the Lightweight Cryptography Standardization Process},
 url = {https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/final-lwc-submission-requirements-august2018.pdf},
 year = {2018}
}

@misc{Nist2019Postquantumrequirements,
 author = {National Institute of Standards and Technology},
 title = {Submission Requirements and Evaluation Criteria for the Post-Quantum Cryptography Standardization Process},
 url = {https://csrc.nist.gov/CSRC/media/Projects/Post-Quantum-Cryptography/documents/call-for-proposals-final-dec-2016.pdf},
 year = {2016}
}

@misc{Nist2023Lightweight,
 author = {National Institute of Standards and Technology},
 title = {Lightweight Cryptography},
 url = {https://csrc.nist.gov/projects/lightweight-cryptography},
 year = {2023}
}

@misc{Nist2023Postquantum,
 author = {National Institute of Standards and Technology},
 title = {Post-Quantum Cryptography},
 url = {https://csrc.nist.gov/projects/post-quantum-cryptography},
 year = {2023}
}

@misc{nist2024keysizes,
 organization = {{NIST}},
 title = {{NIST SP 800-78-5: Cryptographic Algorithms and Key Sizes for Personal Identity Verification}},
 url = {https://doi.org/10.6028/NIST.SP.800-78-5},
 year = {2024}
}

@techreport{NISTFIPS203,
 author = {{National Institute of Standards and Technology}},
 institution = {National Institute of Standards and Technology},
 title = {{FIPS 203 – Module-Lattice-Based Key-Encapsulation Mechanism Standard}},
 type = {Federal Information Processing Standards Publication},
 url = {https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.pdf},
 year = {2024}
}

@misc{NLnet2022phone,
 author = {NLnet},
 title = {{RISC-V Phone project}},
 url = {http://majstor.org/rvphone/},
 year = {2022}
}

@article{Nohl2014BadUSB,
 author = {Nohl, Karsten and Lell, Jakob},
 journal = {Black Hat USA},
 title = {{BadUSB - On Accessories that Turn Evil}},
 year = {2014}
}

@article{Nohl2014badusb,
 author = {Nohl, Karsten and Lell, Jakob},
 journal = {Black Hat USA},
 title = {BadUSB-On accessories that turn evil},
 year = {2014}
}

@misc{Nomoreransom,
 key = {No more ransom},
 no-note = {Retrieved on November 13, 2018},
 title = {{No more ransom!}},
 url = {https://www.nomoreransom.org/}
}

@inproceedings{Nomoto2023Permission,
 author = {Nomoto, Kazuki and Watanabe, Takuya and Shioji, Eitaro and Akiyama, Mitsuaki and Mori, Tatsuya},
 booktitle = {{NDSS}},
 title = {{Browser Permission Mechanisms Demystified}},
 year = {2023}
}

@inproceedings{Nong2009Linear,
 author = {Nong, Ge and Zhang, Sen and Chan, Daricks Wai Hong},
 booktitle = {Data Compression Conference},
 title = {Linear Suffix Array Construction by Almost Pure Induced-Sorting},
 year = {2009}
}

@misc{Norcott2016,
 author = {Norcott, William D and Capps, Don},
 title = {{IOzone} filesystem benchmark},
 url = {http://www.iozone.org/},
 year = {2016}
}

@misc{NoScript,
 author = {{Giorgio Maone}},
 month = {July},
 title = {{NoScript - JavaScript/Java/Flash blocker for a safer Firefox experience!}},
 url = {https://noscript.net},
 year = {2017}
}

@article{Noubir2016,
 author = {Noubir, Guevara and Sanatinia, Amirali},
 journal = {Virus Bulletin},
 title = {Trusted Code Execution on Untrusted Platforms using {Intel SGX}},
 year = {2016}
}

@misc{noverse_arch,
 author = {Wikichip},
 title = {{Neoverse V1 - Microarchitectures - ARM}},
 url = {https://en.wikichip.org/wiki/arm_holdings/microarchitectures/neoverse_v1},
 year = {2021}
}

@book{Nozaki2016Information,
 author = {Nozaki, M.K. and Tipton, H.F.},
 number = {v. 5},
 publisher = {CRC Press},
 title = {Information Security Management Handbook, Volume 5},
 year = {2016}
}

@misc{Nvidia2009Fermi,
 author = {NVIDIA},
 title = {{NVIDIA Fermi Architecture Whitepaper}},
 year = {2009}
}

@misc{NVIDIA2010,
 author = {NVIDIA},
 title = {{TESLA M2050 / M2070 GPU computing module}},
 year = {2010}
}

@report{NVIDIA2012,
 author = {NVIDIA},
 title = {{NVIDIA's Next Generation CUDA Compute Architecture: Kepler GK110}},
 type = {techreport},
 year = {2012}
}

@misc{NVIDIAcuda,
 author = {NVIDIA},
 number = {October},
 title = {{CUDA C Programming Guide}},
 year = {2012}
}

@misc{NVIDIAJetsonTX2Thermal,
 author = {NVIDIA},
 title = {{Jetson TX2: Thermal Design Guide}},
 year = {2017}
}

@article{Nymann1972probability,
 author = {Nymann, JE},
 journal = {Journal of Number Theory},
 title = {{On the probability that k positive integers are relatively prime}},
 year = {1972}
}

@inproceedings{Oberheide2008,
 author = {Oberheide, Jon and Cooke, Evan and Jahanian, Farnam and Arbor, Ann},
 booktitle = {Black Hat Briefings},
 title = {{Empirical Exploitation of Live Virtual Machine Migration}},
 year = {2008}
}

@article{Oberman1999amd,
 author = {Oberman, Stuart and Favor, Greg and Weber, Fred},
 journal = {IEEE Micro},
 number = {2},
 pages = {37--48},
 publisher = {IEEE},
 title = {{AMD 3DNow! technology: Architecture and implementations}},
 volume = {19},
 year = {1999}
}

@misc{ocsprfc,
 author = {Stefan Santesson and Michael Myers and Rich Ankney and Ambarish Malpani and Slava Galperin and Dr. Carlisle Adams},
 doi = {10.17487/RFC6960},
 howpublished = {RFC 6960},
 publisher = {RFC Editor},
 title = {{X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP}},
 year = {2013}
}

@article{OFlynn2019,
 author = {O’Flynn, Colin and Dewar, Alex},
 journal = {CHES},
 title = {{On-Device Power Analysis Across Hardware Security Domains}},
 year = {2019}
}

@inproceedings{Ogleari2018,
 author = {Matheus Ogleari},
 booktitle = {RISC-V Workshop in Barcelona},
 title = {{RISC-V Support for Persistent Memory Systems}},
 year = {2018}
}

@inproceedings{Oh2002Error,
 author = {Oh, Nahmsuk and Shirvani, Philip P and McCluskey, Edward J},
 booktitle = {IEEE Transactions on Reliability},
 title = {Error detection by duplicated instructions in super-scalar processors},
 year = {2002}
}

@inproceedings{Ojogbo2020secure,
 author = {Ojogbo, Ejebagom John and Thottethodi, Mithuna and Vijaykumar, TN},
 booktitle = {International Symposium on Code Generation and Optimization},
 title = {Secure automatic bounds checking: prevention is simpler than cure},
 year = {2020}
}

@inproceedings{Okamura2010,
 author = {Okamura, Keisuke and Oyama, Yoshihiro},
 booktitle = {Proceedings of the 2010 ACM Symposium on Applied Computing (SAC'10)},
 pages = {173--180},
 title = {{Load-Based Covert Channels between Xen Virtual Machines}},
 year = {2010}
}

@misc{OKeeffe18sgxspectre,
 author = {{O'Keeffe, Dan and Muthukumaran, Divya and Aublin, Pierre-Louis and Kelbert, Florian and Priebe, Christian and Lind, Josh and Zhu, Huanzhou and Pietzuch, Peter}},
 title = {{Spectre attack against SGX enclave}},
 year = {2018}
}

@inproceedings{Olejnik2015,
 author = {Olejnik, Lukasz and Acar, Gunes and Castelluccia, Claude and Diaz, Claudia},
 booktitle = {Revised Selected Papers of the 10th International Workshop on Data Privacy Management, and Security Assurance - Volume 9481},
 title = {The Leaking Battery},
 year = {2016}
}

@inproceedings{Olejnik2017battery,
 author = {Olejnik, Lukasz and Englehardt, Steven and Narayanan, Arvind},
 booktitle = {{Workshop on Privacy Engineering (IWPE)}},
 title = {{Battery Status Not Included: Assessing Privacy in Web Standards}},
 year = {2017}
}

@misc{Olejnik2017Stealing,
 author = {Olejnik, Lukasz},
 title = {{Stealing sensitive browser data with the W3C Ambient Light Sensor API}},
 url = {https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/},
 year = {2017}
}

@article{Oleksenko2017mpx,
 author = {Oleksenko, Oleksii and Kuvaiskii, Dmitrii and Bhatotia, Pramod and Felber, Pascal and Fetzer, Christof},
 journal = {arXiv:1702.00719},
 title = {{Intel {MPX} Explained: An Empirical Study of Intel {MPX} and Software-based Bounds Checking Approaches}},
 year = {2017}
}

@inproceedings{oleksenko2018varys,
 author = {Oleksenko, Oleksii and Trach, Bohdan and Krahn, Robert and
Silberstein, Mark and Fetzer, Christof},
 booktitle = {{USENIX} Annual Technical Conference {(ATC)}},
 title = {Varys: Protecting {SGX} Enclaves from Practical Side-Channel
Attacks},
 year = {2018}
}

@article{Oleksenko2018YSNB,
 author = {Oleksenko, Oleksii and Trach, Bohdan and Reiher, Tobias  and Silberstein, Mark and Fetzer, Christof},
 journal = {arXiv:1805.08506},
 title = {{You Shall Not Bypass: Employing data dependencies to prevent Bounds Check Bypass}},
 year = {2018}
}

@inproceedings{Oleksenko2020,
 author = {Oleksii Oleksenko and Bohdan Trach and Mark Silberstein and Christof Fetzer},
 booktitle = {{USENIX Security}},
 title = {{Bringing Spectre-type vulnerabilities to the surface}},
 year = {2020}
}

@inproceedings{Oleksenko2020specfuzz,
 author = {Oleksenko, Oleksii and Trach, Bohdan and Silberstein, Mark and Fetzer, Christof},
 booktitle = {USENIX Security Symposium},
 title = {{SpecFuzz}: Bringing Spectre-type Vulnerabilities to the Surface},
 year = {2020}
}

@inproceedings{oleksenko2022revizor,
 author = {Oleksenko, Oleksii and Fetzer, Christof and K{\"o}pf, Boris and Silberstein, Mark},
 booktitle = {ACM International Conference on Architectural Support for Programming Languages and Operating Systems},
 title = {Revizor: Testing black-box CPUs against speculation contracts},
 year = {2022}
}

@inproceedings{oleksenko2023hide,
 author = {Oleksenko, Oleksii and Guarnieri, Marco and K{\"o}pf, Boris and Silberstein, Mark},
 booktitle = {IEEE S\&P},
 title = {Hide and Seek with Spectres: Efficient discovery of speculative information leaks with random testing},
 year = {2023}
}

@article{Omar2019ironhide,
 author = {Omar, Hamza and Khan, Omer},
 journal = {arXiv:1904.12729},
 title = {{IRONHIDE: A Secure Multicore Architecture that Leverages Hardware Isolation Against Microarchitecture State Attacks}},
 year = {2019}
}

@article{Omar2020,
 author = {Omar, Hamza and D'Agostino, Brandon and Khan, Omer},
 journal = {IEEE Transactions on Computers},
 title = {{OPTIMUS: A Security-Centric Dynamic Hardware Partitioning Scheme for Processors that Prevent Microarchitecture State Attacks}},
 year = {2020}
}

@inproceedings{Onarlioglu2010,
 author = {Onarlioglu, Kaan and Bilge, Leyla and Lanzi, Andrea and Balzarotti, Davide and Kirda, Engin},
 booktitle = {{ACSAC}},
 title = {{G-Free: defeating return-oriented programming through gadget-less binaries}},
 year = {2010}
}

@misc{OpenSSL,
 author = {OpenSSL},
 title = {{OpenSSL: The Open Source toolkit for SSL/TLS}},
 url = {http://www.openssl.org},
 year = {2019}
}

@misc{OpenSSLRC5,
 author = {OpenSSL},
 title = {{OpenSSL RC5 implementation}},
 url = {https://github.com/openssl/openssl/tree/master/crypto/rc5},
 year = {2024}
}

@misc{Opswat2014,
 author = {{OPSWAT}},
 note = {Retrieved on July 16, 2015},
 title = {{Antivirus and Operating System Report: October 2014}},
 url = {https://opswat.com/resources/reports/antivirus-october-2014}
}

@misc{OPTEE,
 author = {Linaro},
 title = {{OP-TEE}: Open Portable Trusted Execution Environment},
 url = {https://www.op-tee.org/},
 year = {2016}
}

@inproceedings{Oren2015,
 author = {Oren, Yossef and Kemerlis, Vasileios P and Sethumadhavan, Simha and Keromytis, Angelos D},
 booktitle = {CCS},
 title = {{The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications}},
 year = {2015}
}

@inproceedings{orenbach2020autarky,
 author = {Orenbach, Meni and Baumann, Andrew and Silberstein, Mark},
 booktitle = {European Conference on Computer Systems {(EuroSys)}},
 title = {Autarky: Closing Controlled Channels with Self-Paging Enclaves},
 year = {2020}
}

@misc{Ormandy2023Reptar,
 author = {Ormandy, Tavis},
 title = {Reptar},
 url = {https://lock.cmpxchg8b.com/reptar.html},
 year = {2023}
}

@misc{Ormandy2023Zenbleed,
 author = {Ormandy, Tavis},
 title = {Zenbleed},
 url = {https://lock.cmpxchg8b.com/zenbleed.html},
 year = {2023}
}

@article{Orosa2018,
 author = {Orosa, Lois and Azevedo, Rodolfo and Mutlu, Onur},
 journal = {ACM Transactions on Architecture and Code Optimization (TACO)},
 number = {4},
 pages = {49},
 publisher = {ACM},
 title = {{AVPP: Address-first value-next predictor with value prefetching for improving the efficiency of load value prediction}},
 volume = {15},
 year = {2018}
}

@inproceedings{Orosa2021deeper,
 author = {Orosa, Lois and Yaglikci, Abdullah Giray and Luo, Haocong and Olgun, Ataberk and Park, Jisung and Hassan, Hasan and Patel, Minesh and Kim, Jeremie S and Mutlu, Onur},
 booktitle = {MICRO},
 title = {A deeper look into rowhammer’s sensitivities: Experimental analysis of real dram chips and implications on future attacks and defenses},
 year = {2021}
}

@inproceedings{Ortolani2012,
 author = {Ortolani, Stefan},
 booktitle = {{USENIX} Workshop on Hot Topics in Security -- {HotSec}},
 title = {NoisyKey: Tolerating Keyloggers via Keystrokes Hiding},
 year = {2012}
}

@misc{OSSLSF2014,
 author = {{OpenSSL Software Foundation}},
 title = {{OpenSSL Project}},
 url = {http://www.openssl.org/},
 year = {2014}
}

@article{Ostrovsky2012,
 author = {Ostrovsky, Rafail and Scafuro, Alessandra and Wadia, Akshay and Visconti, Ivan},
 journal = {Cryptology ePrint Archive, Report 2012/143},
 pages = {1--53},
 title = {{Universally Composable Secure Computation with (Malicious) Physically Uncloneable Functions}},
 year = {2012}
}

@inproceedings{Osvik2006,
 author = {Osvik, Dag Arne and Shamir, Adi and Tromer, Eran},
 booktitle = {CT-RSA},
 title = {{Cache Attacks and Countermeasures: the Case of AES}},
 year = {2006}
}

@inproceedings{oswald2005side,
 author = {Oswald, Elisabeth and Mangard, Stefan and Pramstaller, Norbert and Rijmen, Vincent},
 booktitle = {Fast Software Encryption},
 title = {A side-channel analysis resistant description of the AES S-box},
 year = {2005}
}

@misc{OSXMeltdown2018,
 author = {fG!},
 month = {Jan},
 title = {{Measuring OS X Meltdown Patches Performance}},
 url = {https://reverse.put.as/2018/01/07/measuring-osx-meltdown-patches-performance/},
 year = {2018}
}

@inproceedings{Ou2012,
 author = {Ou, Zhonghong and Zhuang, Hao and Nurminen, Jukka K and Yl\"{a}-J\"{a}\"{a}ski, Antti and Hui, Pan},
 booktitle = {HotCloud'12},
 title = {{Exploiting Hardware Heterogeneity within the Same Instance Type of Amazon EC2}},
 year = {2012}
}

@inproceedings{Ousterhout1982,
 author = {Ousterhout, John K and others},
 booktitle = {ICDCS},
 title = {Scheduling Techniques for Concurrent Systems.},
 year = {1982}
}

@misc{OvertonWindow,
 author = {Joseph G. Lehman},
 publisher = {Mackinac Center for Public Policy},
 title = {{An Introduction to the Overton Window of Political Possibility}},
 url = {https://www.mackinac.org/12481},
 year = {2010}
}

@misc{OWASP2017,
 author = {{OWASP}},
 note = {\url{https://www.owasp.org/} (Accessed 25/03/2019)},
 title = {{OWASP} Top 10},
 year = {2017}
}

@misc{OWASP2019Standard,
 author = {{OWASP}},
 title = {{OWASP} Application Security Verification Standard 4.0},
 year = {2019}
}

@misc{OWASP2021Top,
 author = {Open Web Application Security Project (OWASP)},
 title = {{Top 10 Web Application Security Risks}},
 url = {https://owasp.org/Top10/},
 year = {2021}
}

@misc{owasp2024xssfilter,
 author = {{OWASP}},
 title = {{XSS Filter Evasion Cheat Sheet}},
 url = {https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html},
 year = {2024}
}

@article{Owens2008,
 author = {Owens, John D. and Houston, Mike and Luebke, David and Green, Simon and Stone, John E. and Phillips, James C.},
 journal = {Proceedings of the IEEE},
 number = {5},
 pages = {879--899},
 title = {{GPU Computing}},
 volume = {96},
 year = {2008}
}

@inproceedings{Owens2011,
 author = {Owens, Rodney and Wang, Weichao},
 booktitle = {International Performance Computing and Communications Conference},
 title = {{Non-interactive OS fingerprinting through memory de-duplication technique in virtual machines}},
 year = {2011}
}

@inproceedings{Owusu2013,
 author = {Owusu, Emmanuel and Guajardo, Jorge and Mccune, Jonathan M. and Newsome, Jim and Perrig, Adrian and Vasudevan, Amit},
 booktitle = {CCS'13},
 title = {{OASIS: On Achieving a Sanctuary for Integrity and Secrecy on Untrusted Platforms}},
 year = {2013}
}

@misc{oxide2025Msr,
 author = {Oxide Computer Company},
 title = {illumos},
 url = {https://github.com/oxidecomputer/illumos-gate/blob/stlouis/usr/src/uts/intel/sys/amdzen/ccx.h},
 year = {2025}
}

@inproceedings{Oyama2019rdtsc,
 author = {Oyama, Yoshihiro},
 booktitle = {DIMVA},
 title = {How does malware use RDTSC? A study on operations executed by malware with CPU cycle measurement},
 year = {2019}
}

@inproceedings{Oz2023Rob,
 author = {Oz, Harun and Aris, Ahmet and Acar, Abbas and Tuncay, G{\"u}liz Seray and Babun, Leonardo and Uluagac, Selcuk},
 booktitle = {{USENIX}},
 title = {R{\o}B: Ransomware over Modern Web Browsers},
 year = {2023}
}

@inproceedings{paccagnella2021lord,
 author = {Paccagnella, Riccardo and Luo, Licheng and Fletcher, Christopher W},
 booktitle = {USENIX Security Symposium},
 title = {{Lord of the Ring (s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical}},
 year = {2021}
}

@article{padala2002ptrace,
 author = {Padala, Pradeep},
 journal = {Linux Journal},
 month = {October},
 title = {{Playing with ptrace, Part 1}},
 year = {2002}
}

@article{Padhye2018zest,
 author = {Padhye, Rohan and Lemieux, Caroline and Sen, Koushik and Papadakis, Mike and Le Traon, Yves},
 journal = {arXiv:1812.00078},
 title = {Zest: Validity Fuzzing and Parametric Generators for Effective Random Testing},
 year = {2018}
}

@article{Page2002,
 author = {Page, Dan},
 journal = {Cryptology ePrint Archive, Report 2002/169},
 title = {{Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel}},
 year = {2002}
}

@report{Page2003,
 author = {Page, Dan},
 institution = {Department of Computer Science, University of Bristol},
 title = {{Defending Against Cache Based Side-Channel Attacks}},
 type = {techreport},
 year = {2003}
}

@inproceedings{Palacharla1994stream,
 author = {Palacharla, S. and Kessler, R. E.},
 booktitle = {Proceedings of the 21st Annual International Symposium on Computer Architecture},
 month = {April},
 series = {ISCA '94},
 title = {Evaluating Stream Buffers As a Secondary Cache Replacement},
 year = {1994}
}

@report{Palacios2011,
 author = {Palacios, Jonathan and Triska, Josh},
 title = {{A Comparison of Modern GPU and CPU Architectures: And the Common Convergence of Both}},
 type = {techreport},
 year = {2011}
}

@misc{Palanca2003clflush,
 author = {Palanca, Salvador and Fischer, Stephen A and Maiyuran, Subramaniam},
 note = {US Patent 6,546,462},
 publisher = {Google Patents},
 title = {{CLFLUSH} micro-architectural implementation method and system},
 year = {2003}
}

@misc{Palanca2003loadbuffer,
 author = {Palanca, Salvador and Qawami, Shekoufeh and Cooray, Niranjan L and Narang, Angad and Maiyuran, Subramaniam},
 month = {February},
 note = {US Patent 6,526,499},
 publisher = {Google Patents},
 title = {Method and apparatus for load buffers},
 year = {2003}
}

@inproceedings{Paleari2009,
 author = {Paleari, Roberto and Martignoni, Lorenzo and Roglia, Giampaolo Fresi and Bruschi, Danilo},
 booktitle = {Proceedings of the 3rd USENIX Conference on Offensive Technologies},
 publisher = {USENIX},
 title = {A fistful of red-pills: How to automatically generate procedures to detect CPU emulators},
 year = {2009}
}

@inproceedings{Palit2019,
 author = {Palit, Tapti and Monrose, Fabian and Polychronakis, Michalis},
 booktitle = {ACSAC},
 title = {Mitigating data leakage by protecting memory-resident sensitive data},
 year = {2019}
}

@misc{Panzarino2018macOSKaslr,
 author = {Panzarino, Matthew},
 month = {March},
 title = {{Apple releases OS X 10.8 Mountain Lion Developer Preview 2, lists known issues}},
 url = {https://thenextweb.com/apple/2012/03/16/apple-releases-os-x-10-8-mountain-lion-developer-preview-2-to-mac-developers/},
 year = {2012}
}

@inproceedings{Pappas2012,
 author = {Pappas, Vasilis and Polychronakis, Michalis and Keromytis, Angelos D.},
 booktitle = {{S\&P}},
 title = {Smashing the Gadgets: Hindering Return-Oriented Programming Using In-place Code Randomization},
 year = {2012}
}

@inproceedings{Pappas2013,
 author = {Vasilis Pappas and Michalis Polychronakis and Angelos D. Keromytis},
 booktitle = {{USENIX Security Symposium}},
 title = {Transparent {ROP} Exploit Mitigation Using Indirect Branch Tracing},
 year = {2013}
}

@inproceedings{Parampalli2008,
 author = {Parampalli, Chetan and Sekar, R and Johnson, Rob},
 booktitle = {AsiaCCS},
 title = {{A practical mimicry attack against powerful system-call monitors}},
 year = {2008}
}

@article{Park2018libmpk,
 author = {Park, Soyeon and Lee, Sangho and Xu, Wen and Moon, Hyungon and Kim, Taesoo},
 journal = {arXiv:1811.07276},
 title = {{libmpk: Software Abstraction for Intel Memory Protection Keys}},
 year = {2018}
}

@inproceedings{Park2018power,
 author = {Park, Jungmin and Xu, Xiaolin and Jin, Yier and Forte, Domenic and Tehranipoor, Mark},
 booktitle = {DAC},
 title = {{Power-based Side-Channel Instruction-level Disassembler}},
 year = {2018}
}

@article{Park2019,
 author = {Park, Jungmin and Rahman, Fahim and Vassilev, Apostol and Forte, Domenic and Tehranipoor, Mark},
 journal = {ACM Journal on Emerging Technologies in Computing Systems (JETC)},
 number = {1},
 pages = {1--21},
 title = {Leveraging Side-Channel Information for Disassembly and Security},
 volume = {16},
 year = {2019}
}

@inproceedings{park2020graphene,
 author = {Park, Yeonhong and Kwon, Woosuk and Lee, Eojin and Ham, Tae Jun and Ahn, Jung Ho and Lee, Jae W},
 booktitle = {MICRO},
 title = {Graphene: Strong yet lightweight row hammer protection},
 year = {2020}
}

@inproceedings{Parno2010,
 author = {Parno, Bryan and McCune, Jonathan M. and Perrig, Adrian},
 booktitle = {S\&P'10},
 pages = {414--429},
 title = {{Bootstrapping Trust in Commodity Computers}},
 year = {2010}
}

@inproceedings{patat2022exploring,
 author = {Patat, Gwendal and Sabt, Mohamed and Fouque, Pierre-Alain},
 booktitle = {2022 IEEE Security and Privacy Workshops (SPW)},
 title = {Exploring widevine for fun and profit},
 year = {2022}
}

@inproceedings{patel2011marss,
 author = {Patel, Avadh and Afram, Furat and Chen, Shunfei and Ghose, Kanad},
 booktitle = {Design Automation Conference},
 title = {MARSS: a full system simulator for multicore x86 CPUs},
 year = {2011}
}

@inproceedings{Patil2011,
 author = {Patil, Kailas and Dong, Xinshu and Li, Xiaolei and Liang, Zhenkai and Jiang, Xuxian},
 booktitle = {{31st International Conference on Distributed Computing Systems (ICDCS)}},
 title = {{Towards fine-grained access control in javascript contexts}},
 year = {2011}
}

@misc{pavlov20237zip3201,
 author = {Pavlov, Igor},
 note = {\url{https://7-zip.org/}, v23.01},
 title = {7-zip},
 year = {2023}
}

@misc{Pawel2024CAT,
 author = {{Pawel Wieczorkiewicz and Rodrigo Branco and Ben Lee}},
 title = {{On the Effectiveness of Intel’s CAT as a Side-Channel Mitigation Technology}},
 url = {https://langsechq.gitlab.io/spw24/papers/LangSec2024-Branco-CAT-paper.pdf},
 year = {2024}
}

@misc{Pax2015rap,
 author = {{PaX Team}},
 publisher = {Hackers to Hackers Conference},
 title = {Rap: Rip rop},
 year = {2015}
}

@misc{PaxASLR,
 author = {{PaX Team}},
 no-url = {http://pax.grsecurity.net/docs/aslr.txt},
 title = {Address space layout randomization ({ASLR})},
 year = {2003}
}

@inproceedings{Payer2012tocttou,
 author = {Payer, Mathias and Gross, Thomas R},
 booktitle = {{ACM SIGPLAN Notices}},
 title = {{Protecting applications against {TOCTTOU} races by user-space caching of file metadata}},
 year = {2012}
}

@inproceedings{Payer2016,
 author = {Matthias Payer},
 booktitle = {{ESSoS}},
 title = {{HexPADS}: a platform to detect ``stealth'' attacks},
 year = {2016}
}

@misc{Payer2019Mail,
 author = {Mathias Payer},
 month = {January},
 url = {https://twitter.com/gannimo/status/1086185299225571328},
 year = {2019}
}

@article{payne2002security,
 author = {Payne, Christian},
 journal = {Information systems journal},
 title = {On the security of open source software},
 volume = {12},
 year = {2002}
}

@article{Pedregosa2011scikit,
 author = {Pedregosa, F. and Varoquaux, G. and Gramfort, A. and Michel, V.
and Thirion, B. and Grisel, O. and Blondel, M. and Prettenhofer, P.
and Weiss, R. and Dubourg, V. and Vanderplas, J. and Passos, A. and
Cournapeau, D. and Brucher, M. and Perrot, M. and Duchesnay, E.},
 journal = {Journal of Machine Learning Research},
 title = {Scikit-learn: Machine Learning in {P}ython},
 year = {2011}
}

@inproceedings{pei1996chinese,
 author = {Pei, Dingyi and Salomaa, Arto and Ding, Cunsheng},
 booktitle = {World Scientific},
 title = {{Chinese remainder theorem: applications in computing, coding, cryptography}},
 year = {1996}
}

@article{Pek2012,
 author = {P\'{e}k, G\'{a}bor},
 title = {{Memory Protection Mechanisms in Current Hypervisors}},
 year = {2012}
}

@article{Pek2013,
 author = {P\'{e}k, G\'{a}bor and Buttyan, Levente and Bencs\'{a}th, Boldizs\'{a}r},
 journal = {ACM Computing Surveys},
 number = {3},
 title = {{A Survey of Security Issues in Hardware Virtualization}},
 volume = {45},
 year = {2013}
}

@article{Peleg1996mmx,
 author = {Peleg, Alex and Weiser, Uri},
 journal = {{IEEE} Micro},
 number = {4},
 pages = {42--50},
 publisher = {IEEE},
 title = {{MMX technology extension to the Intel architecture}},
 volume = {16},
 year = {1996}
}

@inproceedings{Peng2019tfuzz,
 author = {Peng, Hui and Shoshitaishvili, Yan and Payer, Mathias},
 booktitle = {IEEE S\&P},
 title = {T-Fuzz: Fuzzing by Program Transformation},
 year = {2018}
}

@inproceedings{Percival2005,
 author = {Percival, Colin},
 booktitle = {BSDCan},
 title = {{Cache Missing for Fun and Profit}},
 year = {2005}
}

@inproceedings{Pereida2016make,
 author = {Pereida Garc{\'\i}a, Cesar and Brumley, Billy Bob and Yarom, Yuval},
 booktitle = {CCS},
 title = {Make sure {DSA} signing exponentiations really are constant-time},
 year = {2016}
}

@article{Perrotta2018,
 author = {Raffaello Perrotta and
Feng Hao},
 doi = {10.1109/MSP.2018.3111249},
 journal = {{IEEE} Security {\&} Privacy},
 number = {4},
 pages = {66--81},
 title = {Botnet in the Browser: Understanding Threats Caused by Malicious Browser
Extensions},
 url = {https://doi.org/10.1109/MSP.2018.3111249},
 volume = {16},
 year = {2018}
}

@inproceedings{Pessl2016,
 author = {Peter Pessl and Daniel Gruss and Cl\'{e}mentine Maurice and Michael Schwarz and Stefan Mangard},
 booktitle = {USENIX Security Symposium},
 title = {{DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks}},
 year = {2016}
}

@inproceedings{pessl2016drama,
 author = {Pessl, Peter and Gruss, Daniel and Maurice, Cl{\'e}mentine and Schwarz, Michael and Mangard, Stefan},
 booktitle = {USENIX Security},
 title = {{DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks}},
 year = {2016}
}

@inproceedings{PesslBY17,
 author = {Peter Pessl and
Groot Bruinderink, Leon and
Yuval Yarom},
 booktitle = {CCS},
 pages = {1843--1855},
 title = {To {BLISS-B} or not to be: Attacking {strongSwan}'s Implementation of
Post-Quantum Signatures},
 year = {2017}
}

@inproceedings{petcu2011towards,
 author = {Petcu, Dana and Craciun, Ciprian and Rak, Massimiliano},
 booktitle = {CLOSER},
 title = {{Towards a cross platform cloud API}},
 year = {2011}
}

@inproceedings{Petsas2015,
 author = {Petsas, Thanasis and Tsirantonakis, Giorgos and Athanasopoulos, Elias and Ioannidis, Sotiris},
 booktitle = {{EuroSec'15}},
 title = {{Two-factor authentication: is the world ready?: quantifying 2FA adoption}},
 year = {2015}
}

@misc{pgbench,
 author = {{The PostgreSQL Global Development Group}},
 month = {February},
 title = {{pgbench}},
 url = {https://www.postgresql.org/docs/9.6/static/pgbench.html},
 year = {2016}
}

@inproceedings{Phan2017synthesis,
 author = {Phan, Quoc-Sang and Bang, Lucas and Pasareanu, Corina S and Malacaria, Pasquale and Bultan, Tevfik},
 booktitle = {CSF},
 title = {Synthesis of adaptive side-channel attacks},
 year = {2017}
}

@article{Philippe2017,
 author = {Philippe-Jankovic, Danny and Zia, Tanveer A},
 journal = {International Journal of Computer Science and Network Security (IJCSNS)},
 number = {2},
 title = {{Breaking VM Isolation - An In-Depth Look into the Cross VM Flush Reload Cache Timing Attack}},
 volume = {17},
 year = {2017}
}

@misc{Phoronix2017KASLR,
 author = {Phoronix},
 title = {{Linux 4.12 To Enable KASLR By Default}},
 url = {https://www.phoronix.com/scan.php?page=news_item&px=KASLR-Default-Linux-4.12},
 year = {2017}
}

@misc{Phoronix2018HT,
 author = {{Michael Larabel}},
 month = {June},
 publisher = {Phoronix Media},
 title = {{Intel Hyper Threading Performance With A Core i7 On Ubuntu 18.04 LTS}},
 url = {https://www.phoronix.com/scan.php?page=article&item=intel-ht-2018&num=4},
 year = {2018}
}

@misc{Phoronix2018kpti,
 author = {Phoronix},
 title = {{NVIDIA Gaming Performance Minimally Impacted By KPTI Patches}},
 url = {https://www.phoronix.com/scan.php?page=article&item=nvidia-linux-kpti},
 year = {2018}
}

@misc{Phoronix2020Benchmark,
 author = {Phoronix},
 title = {{Linux 4.12 To Enable KASLR By Default}},
 url = {https://www.phoronix-test-suite.com/},
 year = {2020}
}

@misc{Phoronix2020LVI,
 author = {Michael Larabel},
 title = {{The Brutal Performance Impact From Mitigating The LVI Vulnerability}},
 url = {https://www.phoronix.com/scan.php?page=article&item=lvi-attack-perf},
 year = {2020}
}

@misc{phpseclib,
 author = {TerraFrost},
 title = {{phpseclib}},
 url = {http://phpseclib.sourceforge.net/},
 year = {2019}
}

@inproceedings{Phung2009,
 author = {Phung, Phu H and Sands, David and Chudnov, Andrey},
 booktitle = {{ASIACCS'09}},
 title = {{Lightweight self-protecting JavaScript}},
 year = {2009}
}

@inproceedings{Phung2018,
 author = {Phung, James and Lee, Young Choon and Zomaya, Albert Y},
 booktitle = {NCA},
 organization = {IEEE},
 title = {{Modeling System-Level Power Consumption Profiles Using RAPL}},
 year = {2018}
}

@misc{piechota2022,
 author = {Piechota, Maciej},
 title = {{New technique of stealing data using CSS and Scroll-to-Text Fragment feature}},
 url = {https://www.secforce.com/blog/new-technique-of-stealing-data-using-css-and-scroll-to-text-fragment-feature/},
 year = {2022}
}

@inproceedings{pierce1994effect,
 author = {Pierce, Jim and Mudge, Trevor},
 booktitle = {IPDPS},
 title = {The effect of speculative execution on cache performance},
 year = {1994}
}

@misc{Pikhur2019lfb,
 author = {Pikhur, Volodymyr},
 title = {{Screenshot of running my PoC from Aug last year}},
 url = {https://twitter.com/vpikhur/status/1128731662949335040},
 year = {2019}
}

@article{Pinet2016,
 author = {Pinet, Svetlana and Ziegler, Johannes C. and Alario, F.-Xavier},
 journal = {Psychon Bull Rev},
 month = {April},
 number = {6},
 pages = {1898--1906},
 shorttitle = {Typing Is Writing},
 title = {Typing Is Writing: {{Linguistic}} Properties Modulate Typing Execution},
 volume = {23},
 year = {2016}
}

@inproceedings{pinkas2010oblivious,
 author = {Pinkas, Benny and Reinman, Tzachy},
 booktitle = {CRYPTO},
 title = {Oblivious RAM revisited},
 year = {2010}
}

@inproceedings{Pinkas2010Oblivious,
 author = {Pinkas, Benny and Reinman, Tzachy},
 booktitle = {CRYPTO},
 title = {Oblivious RAM revisited},
 year = {2010}
}

@inproceedings{piret2003differential,
 author = {Piret, Gilles and Quisquater, Jean-Jacques},
 booktitle = {CHES},
 title = {{A differential fault attack technique against SPN structures, with application to the AES and KHAZAD}},
 year = {2003}
}

@misc{Pizlo18,
 author = {Pizlo, Filip},
 title = {What {Spectre} and {Meltdown} Mean For {WebKit}},
 year = {2018}
}

@manual{pledge,
 month = {03},
 note = {Available at \url{https://man.openbsd.org/pledge}},
 title = {PLEDGE(2) System Calls Manual},
 year = {2020}
}

@inproceedings{pochat2018tranco,
 author = {Pochat, Victor Le and Van Goethem, Tom and Tajalizadehkhoob, Samaneh and Korczy{\'n}ski, Maciej and Joosen, Wouter},
 booktitle = {NDSS},
 title = {Tranco: A research-oriented top sites ranking hardened against manipulation},
 year = {2018}
}

@inproceedings{Poddebniak2018,
 author = {Poddebniak, Damian and Somorovsky, Juraj and Schinzel, Sebastian and Lochter, Manfred and R{\"o}sler, Paul},
 booktitle = {{EuroS\&P}},
 title = {{Attacking deterministic signature schemes using fault attacks}},
 year = {2018}
}

@inproceedings{Poddebniak2018efail,
 author = {Damian Poddebniak and Christian Dresen and Jens M{\"u}ller and Fabian Ising and Sebastian Schinzel and Simon Friedberger and Juraj Somorovsky and J{\"o}rg Schwenk},
 booktitle = {USENIX Security},
 title = {Efail: Breaking {S/MIME} and {OpenPGP} Email Encryption using Exfiltration Channels},
 year = {2018}
}

@inproceedings{poeplau2019systematic,
 author = {Poeplau, Sebastian and Francillon, Aur{\'e}lien},
 booktitle = {ACSAC},
 title = {Systematic comparison of symbolic execution systems: intermediate representation and its generation},
 year = {2019}
}

@inproceedings{Polychronakis2010shellcode,
 author = {Polychronakis, Michalis and Anagnostakis, Kostas G and Markatos, Evangelos P},
 booktitle = {ACSAC},
 title = {Comprehensive shellcode detection using runtime heuristics},
 year = {2010}
}

@misc{Pommerening1999Crypt,
 author = {Klaus Pommerening},
 title = {Lecture notes in Cryptology},
 url = {https://www.staff.uni-mainz.de/pommeren/Cryptology/Bitblock/Fourier/ANF.pdf},
 year = {1999}
}

@inproceedings{pomonis2017kr,
 author = {Pomonis, Marios and Petsios, Theofilos and Keromytis, Angelos D and Polychronakis, Michalis and Kemerlis, Vasileios P},
 booktitle = {EuroSys},
 title = {kR\^{}X: Comprehensive kernel protection against just-in-time code reuse},
 year = {2017}
}

@inproceedings{Pomonis2017krx,
 author = {Pomonis, Marios and Petsios, Theofilos and Keromytis, Angelos D and Polychronakis, Michalis and Kemerlis, Vasileios P},
 booktitle = {EuroSys},
 title = {{kR\^{} X: Comprehensive Kernel Protection against Just-In-Time Code Reuse}},
 year = {2017}
}

@misc{pop-ss,
 author = {Peterson, Nick and Mulasmajic, Nemanja},
 title = {POP SS/MOV SS Vulnerability},
 url = {https://everdox.net/popss.pdf},
 year = {2018}
}

@inproceedings{Popa2014Mylar,
 author = {Popa, Raluca Ada and Stark, Emily and Valdez, Steven and Helfer, Jonas and Zeldovich, Nickolai and Balakrishnan, Hari},
 booktitle = {USENIX Symposium on Networked Systems Design and Implementation},
 title = {Building web applications on top of encrypted data using Mylar},
 year = {2014}
}

@inproceedings{Popa2016Verena,
 author = {Karapanos, Nikolaos and Filios, Alexandros and Popa, Raluca Ada and Capkun, Srdjan},
 booktitle = {IEEE Symposium on Security and Privacy (SP)},
 doi = {10.1109/SP.2016.58},
 keyword = {Web servers;Databases;Context;Public key;Browsers;Medical diagnostic imaging},
 number = {},
 title = {Verena: End-to-End Integrity Protection for Web Applications},
 volume = {},
 year = {2016}
}

@misc{Pornin2022BearSSL,
 author = {Thomas Pornin},
 title = {{BearSSL: A smaller SSL/TLS library} },
 url = {https://www.bearssl.org},
 year = {2022}
}

@misc{Pornin2022constanttime,
 author = {Thomas Pornin},
 title = {{Why Constant-Time Crypto?}},
 url = {https://www.bearssl.org/constanttime.html},
 year = {2022}
}

@misc{Pornin2022cttk,
 author = {Thomas Pornin},
 title = {Constant-Time Toolkit},
 url = {https://github.com/pornin/CTTK},
 year = {2022}
}

@misc{Pornin2022performance,
 author = {Thomas Pornin},
 title = {{On Performance}},
 url = {https://www.bearssl.org/speed.html},
 year = {2022}
}

@inproceedings{Porter2009operating,
 author = {Porter, Donald E and Hofmann, Owen S and Rossbach, Christopher J and Benn, Alexander and Witchel, Emmett},
 booktitle = {{Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles}},
 title = {{Operating system transactions}},
 year = {2009}
}

@misc{portswigger2024cssinjection,
 author = {{PortSwigger}},
 title = {{CSS injection (reflected)}},
 url = {https://portswigger.net/kb/issues/00501300_css-injection-reflected},
 year = {2024}
}

@misc{portswigger2024path,
 author = {{PortSwigger}},
 title = {{Path-relative style sheet import}},
 url = {https://portswigger.net/kb/issues/00200328_path-relative-style-sheet-import},
 year = {2024}
}

@inproceedings{Powell2001,
 author = {Powell, Michael D and Agarwal, Amit and Vijaykumar, TN and Falsafi, Babak and Roy, Kaushik},
 booktitle = {MICRO},
 title = {Reducing set-associative cache energy via way-prediction and selective direct-mapping},
 year = {2001}
}

@manual{Power9ProcessorUserManual,
 author = {{IBM}},
 edition = {2.0},
 title = {{POWER9 Processor User’s Manual}},
 year = {2018}
}

@inproceedings{Pozniansky2003,
 author = {Pozniansky, Eli and Schuster, Assaf},
 booktitle = {PPoPP},
 title = {Efficient On-the-fly Data Race Detection in Multithreaded C++ Programs},
 year = {2003}
}

@article{Pozniansky2007,
 author = {Pozniansky, Eli and Schuster, Assaf},
 journal = {Concurr. Comput. : Pract. Exper.},
 title = {MultiRace: Efficient On-the-fly Data Race Detection in Multithreaded C++ Programs: Research Articles},
 year = {2007}
}

@inproceedings{Prakash2015pivot,
 author = {Prakash, Aravind and Yin, Heng},
 booktitle = {ACSAC},
 title = {Defeating ROP through denial of stack pivot},
 year = {2015}
}

@inproceedings{Prevelakis2001sandboxing,
 author = {Prevelakis, Vassilis and Spinellis, Diomidis},
 booktitle = {USENIX ATC},
 title = {Sandboxing Applications},
 year = {2001}
}

@misc{ProfitBicksRDMA,
 author = {{ProfitBicks}},
 title = {{https://blog.profitbricks.com/cloud-computing-performance-awards/}},
 url = {https://blog.profitbricks.com/cloud-computing-performance-awards/},
 year = {2018}
}

@misc{proton2024pgp,
 author = {{Proton}},
 title = {{What are PGP/MIME and PGP/Inline?}},
 url = {https://proton.me/support/pgp-mime-pgp-inline},
 year = {2024}
}

@inproceedings{Prouff2013masking,
 author = {Prouff, Emmanuel and Rivain, Matthieu},
 booktitle = {EUROCRYPT},
 title = {Masking against side-channel attacks: A formal security proof},
 year = {2013}
}

@inproceedings{provelengios2019characterization,
 author = {Provelengios, George and Ramesh, Chethan and Patil, Shivukumar B and Eguro, Ken and Tessier, Russell and Holcomb, Daniel},
 booktitle = {Proceedings of the 2019 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays},
 organization = {ACM},
 pages = {292--297},
 title = {Characterization of Long Wire Data Leakage in Deep Submicron FPGAs},
 year = {2019}
}

@inproceedings{provos2003,
 author = {Niels Provos},
 booktitle = {Proceedings of the 12th {USENIX} Security Symposium, Washington, D.C.,
USA, August 4-8, 2003},
 publisher = {{USENIX} Association},
 title = {Improving Host Security with System Call Policies},
 year = {2003}
}

@misc{PseudoWorker,
 author = {{Nolan Lawson}},
 month = {November},
 title = {{A tiny and mostly spec-compliant WebWorker polyfill}},
 url = {https://github.com/nolanlawson/pseudo-worker},
 year = {2016}
}

@misc{pteinversion,
 author = {Corbet, Jonathan},
 title = {{Meltdown strikes back: the L1 terminal fault vulnerability}},
 url = {https://lwn.net/Articles/762570/},
 year = {2018}
}

@inproceedings{Pu2010,
 author = {Pu, Xing and Liu, Ling and Mei, Yiduo and Sivathanu, Sankaran and Koh, Younggyun and Pu, Calton},
 booktitle = {Proceedings of the 3rd International Conference on Cloud Computing (CLOUD'10)},
 pages = {51--58},
 title = {{Understanding Performance Interference of I/O Workload in Virtualized Cloud Environments}},
 year = {2010}
}

@inproceedings{Puddu2020frontal,
 author = {Puddu, Ivan and Schneider, Moritz and Haller, Miro and {\v{C}}apkun, Srdjan},
 booktitle = {USENIX Security Symposium},
 title = {{Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend}},
 year = {2021}
}

@article{Pukelsheim1994,
 author = {Pukelsheim, Friedrich},
 journal = {The American Statistician},
 title = {{The three sigma rule}},
 year = {1994}
}

@article{Purnal2019,
 author = {Purnal, Antoon and Ver\-bau\-whe\-de, Ingrid},
 journal = {arXiv:1908.03383},
 title = {{Advanced profiling for probabilistic Prime+Probe attacks and covert channels in ScatterCache}},
 year = {2019}
}

@inproceedings{Purnal2021PrimeScope,
 author = {Purnal, Antoon and Turan, Furkan and Verbauwhede, Ingrid},
 booktitle = {{CCS}},
 title = {{Prime+Scope: Overcoming the Observer Effect for High-Precision Cache Contention Attacks}},
 year = {2021}
}

@article{Purnal2021systematic,
 author = {Purnal, Antoon and Giner, Lukas and Gruss, Daniel and Verbauwhede, Ingrid},
 journal = {(in submission)},
 title = {{Systematic Analysis of Randomization-based Protected Cache Architectures}},
 year = {2021}
}

@inproceedings{Purnal2023showtime,
 author = {Purnal, Antoon and Bognar, Marton and Piessens, Frank and Verbauwhede, Ingrid},
 booktitle = {AsiaCCS},
 title = {ShowTime: Amplifying arbitrary CPU timing side channels},
 year = {2023}
}

@misc{pyaes,
 author = {Richard Moore},
 title = {{pyaes: Pure-Python implementation of AES block-cipher and common modes of operation}},
 url = {https://github.com/ricmoo/pyaes},
 year = {2017}
}

@misc{PyCryptodome,
 author = {Helder Eijs},
 title = {{PyCryptodome: A self-contained cryptographic library for Python}},
 url = {https://www.pycryptodome.org},
 year = {2018}
}

@misc{pypi2024flask,
 author = {{Python Package Index (pypi)}},
 title = {{Flask}},
 url = {https://pypi.org/project/Flask/},
 year = {2024}
}

@misc{pypi2024fonttools,
 author = {{Python Package Index (pypi)}},
 title = {{fonttools}},
 url = {https://pypi.org/project/fonttools/},
 year = {2024}
}

@misc{qemu_kvm_accel,
 author = {{QEMU}},
 title = {KVM Acceleration for QEMU},
 url = {https://git.qemu.org/?p=qemu.git;a=blob;f=accel/kvm/kvm-all.c;h=f450f25295ed1a4e28b8f5e9ef016e314db8895c;hb=HEAD},
 year = {2019}
}

@misc{qemu_manual,
 author = {QEMU},
 title = {{QEMU: the FAST! processor emulator}},
 url = {https://www.qemu.org},
 year = {2019}
}

@inproceedings{qian2019razor,
 author = {Qian, Chenxiong and Hu, Hong and Alharthi, Mansour and Ho Chung, Pak and Kim, Taesoo and Lee, Wenke},
 booktitle = {{USENIX} Security Symposium},
 title = {{RAZOR}: A Framework for Post-deployment Software Debloating},
 year = {2019}
}

@inproceedings{Qiao2016,
 author = {Qiao, Rui and Seaborn, Mark},
 booktitle = {{International Symposium on Hardware Oriented Security and Trust}},
 title = {{A New Approach for {Rowhammer} Attacks}},
 year = {2016}
}

@inproceedings{Qin2006,
 author = {Qin, Feng and Wang, Cheng and Li, Zhenmin and Kim, Ho-seop and Zhou, Yuanyuan and Wu, Youfeng},
 booktitle = {{MICRO}},
 title = {{LIFT: A low-overhead practical information flow tracking system for detecting security attacks}},
 year = {2006}
}

@inproceedings{Qin2018,
 author = {Qin, Yi and Yue, Chuan},
 booktitle = {TrustCom/BigDataSE},
 title = {{Website Fingerprinting by Power Estimation Based Side-Channel Attacks on Android 7}},
 year = {2018}
}

@inproceedings{Qin2021idev,
 author = {Qin, Shisong and Zhang, Chao and Chen, Kaixiang and Li, Zheming},
 booktitle = {ISSTA},
 title = {{iDEV}: Exploring and exploiting semantic deviations in ARM instruction processing},
 year = {2021}
}

@inproceedings{Qiu2019,
 author = {Qiu, Pengfei and Wang, Dongsheng and Lyu, Yongqiang and Qu, Gang},
 booktitle = {CCS},
 title = {{VoltJockey: Breaching TrustZone by Software-Controlled Voltage Manipulation over Multi-core Frequencies}},
 year = {2019}
}

@inproceedings{Qiu2019SGX,
 author = {Qiu, Pengfei and Wang, Dongsheng and Lyu, Yongqiang and Qu, Gang},
 booktitle = {AsianHOST},
 title = {{VoltJockey: Breaking SGX by Software-Controlled Voltage-In\-du\-ced Hardware Faults}},
 year = {2019}
}

@article{Qiu2022PMUSpill,
 author = {Qiu, Pengfei and Lyu, Yongqiang and Wang, Haixia and Wang, Dongsheng and Liu, Chang and Gao, Qiang and Wang, Chunlu and Sun, Rihui and Qu, Gang},
 journal = {arXiv:2207.11689},
 title = {PMUSpill: The Counters in Performance Monitor Unit that Leak SGX-Protected Secrets},
 year = {2022}
}

@inproceedings{Qiu2023PMU,
 author = {Qiu, Pengfei and Gao, Qiang and Wang, Dongsheng and Lyu, Yongqiang and Wang, Chunlu and Liu, Chang and Sun, Rihui and Qu, Gang},
 booktitle = {ASP-DAC},
 title = {PMU-Leaker: Performance monitor unit-based realization of cache side-channel attacks},
 year = {2023}
}

@misc{QMK2023keymap,
 author = {{QMK Team}},
 title = {{QMK Source - Keymap}},
 url = {https://github.com/qmk/qmk_firmware/blob/master/quantum/dynamic_keymap.c#L91},
 year = {2023}
}

@misc{QMK2023melka,
 author = {{QMK Team}},
 title = {{QMK Source - Melka Keymap}},
 url = {https://github.com/qmk/qmk_firmware/tree/master/keyboards/xiudi/xd60/keymaps/melka},
 year = {2023}
}

@misc{QMK2023warning,
 author = {{QMK Team}},
 title = {{QMK Source - Macro Warning}},
 url = {https://github.com/qmk/qmk_firmware/blob/master/docs/feature_macros.md},
 year = {2023}
}

@misc{Qt2024WebEngine,
 author = {Qt Wiki},
 title = {{QtWebEngine/ChromiumVersions}},
 url = {{https://wiki.qt.io/QtWebEngine/ChromiumVersions}},
 year = {2024}
}

@inproceedings{Quach2017,
 author = {Quach, Anh and Erinfolami, Rukayat and Demicco, David and Prakash, Aravind},
 booktitle = {FEAST},
 title = {{A multi-OS cross-layer study of bloating in user programs, kernel and managed execution environments}},
 year = {2017}
}

@inproceedings{quach2018debloating,
 author = {Quach, Anh and Prakash, Aravind and Yan, Lok},
 booktitle = {{USENIX Security Symposium}},
 title = {Debloating Software through Piece-Wise Compilation and Loading},
 year = {2018}
}

@misc{Qualcomm2016APQ8064,
 author = {Qualcomm Technologies, Inc.},
 title = {Qualcomm Snapdragon 600 APQ8064: Data Sheet},
 year = {2016}
}

@misc{Qualcomm2017PAC,
 author = {{Qualcomm Technologies}},
 title = {{Pointer Authentication on ARMv8.3: Design and Analysis of the New Software Security Instructions}},
 url = {https://www.qualcomm.com/media/documents/files/whitepaper-pointerauthentication-on-armv8-3.pdf},
 year = {2017}
}

@misc{QualcommSnapdragon2017,
 author = {Qualcomm},
 month = {January},
 title = {Snapdragon Mobile Processors and Chipsets},
 url = {https://www.qualcomm.com/products/snapdragon},
 year = {2017}
}

@misc{quiling,
 author = {Qiling Framework},
 title = {{quiling: A True Instrumentable Binary Emulation Framework }},
 url = {https://github.com/qilingframework/qiling},
 year = {2024}
}

@article{Quine1952truth,
 author = {Quine, Willard V},
 journal = {The American mathematical monthly},
 number = {8},
 title = {The problem of simplifying truth functions},
 volume = {59},
 year = {1952}
}

@article{Qureshi2007,
 author = {Qureshi, Moinuddin K. and Jaleel, Aamer and Patt, Yale N. and Steely, Simon C. and Emer, Joel},
 journal = {ACM SIGARCH Computer Architecture News},
 number = {2},
 pages = {381},
 title = {{Adaptive insertion policies for high performance caching}},
 volume = {35},
 year = {2007}
}

@inproceedings{Qureshi2018,
 author = {Qureshi, Moinuddin K},
 booktitle = {{IEEE MICRO}},
 title = {{CEASER: Mitigating Conflict-Based Cache Attacks via Encrypted-Address and Remapping}},
 year = {2018}
}

@inproceedings{Qureshi2019,
 author = {Qureshi, Moinuddin K},
 booktitle = {ISCA},
 title = {New attacks and defense for encrypted-address cache},
 year = {2019}
}

@article{Quynh2014capstone,
 author = {Quynh, Nguyen Anh},
 journal = {Black Hat USA},
 title = {Capstone: Next-gen disassembly framework},
 year = {2014}
}

@article{quynh2015unicorn,
 author = {Quynh, NGUYEN Anh and Vu, DANG Hoang},
 journal = {BlackHat USA},
 title = {Unicorn: Next generation cpu emulator framework},
 year = {2015}
}

@misc{RaceHound,
 author = {{Nikita Komarov}},
 title = {{Racehound: Data race detector for Linux kernel modules}},
 url = {https://github.com/winnukem/racehound},
 year = {2015}
}

@inproceedings{Radev2020sev,
 author = {Radev, Martin and Morbitzer, Mathias},
 booktitle = {Reversing and Offensive-oriented Trends Symposium},
 title = {Exploiting interfaces of secure encrypted virtual machines},
 year = {2020}
}

@inproceedings{Ragab2021crosstalk,
 author = {Ragab, Hany and Milburn, Alyssa and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {S\&P},
 title = {{CrossTalk: Speculative Data Leaks Across Cores Are Real}},
 year = {2021}
}

@inproceedings{Ragab2021rage,
 author = {Ragab, Hany and Barberis, Enrico and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {USENIX Security},
 title = {Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks},
 year = {2021}
}

@inproceedings{Rainer2025slice,
 author = {Mikka Rainer and Lorenz Hetterich and Fabian Thomas and Tristan Hornetz and Leon Trampert and Lukas Gerlach and Michael Schwarz},
 booktitle = {S\&P},
 title = {{Rapid Reversing of Non-Linear CPU Cache Slice Functions: Unlocking Physical Address Leakage}},
 year = {2025}
}

@inproceedings{Raj2009,
 author = {Raj, Himanshu and Nathuji, Ripal and Singh, Abhishek and England, Paul},
 booktitle = {CCSW'09},
 pages = {77--84},
 title = {{Resource Management for Isolation Enhanced Cloud Services}},
 year = {2009}
}

@inproceedings{raj2016ftpm,
 address = {Austin, TX},
 author = {Himanshu Raj and Stefan Saroiu and Alec Wolman and Ronald Aigner and Jeremiah Cox and Paul England and Chris Fenner and Kinshuman Kinshumann and Jork Loeser and Dennis Mattoon and Magnus Nystrom and David Robinson and Rob Spiger and Stefan Thom and David Wooten},
 booktitle = {25th {USENIX} Security Symposium ({USENIX} Security 16)},
 isbn = {978-1-931971-32-4},
 month = {August},
 pages = {841--856},
 publisher = {{USENIX} Association},
 title = {{fTPM: A Software-Only Implementation of a {TPM} Chip}},
 url = {https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/raj},
 year = {2016}
}

@inproceedings{Rajagopalan2005,
 author = {Rajagopalan, Mohan and Hiltunen, Matti and Jim, Trevor and Schlichting, Richard},
 booktitle = {DSN},
 title = {{Authenticated system calls}},
 year = {2005}
}

@inproceedings{ramesh2018fpga,
 author = {Ramesh, Chethan and Patil, Shivukumar B and Dhanuskodi, Siva Nishok and Provelengios, George and Pillement, S{\'e}bastien and Holcomb, Daniel and Tessier, Russell},
 booktitle = {2018 IEEE 26th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM)},
 organization = {IEEE},
 pages = {45--52},
 title = {FPGA side channel attacks without physical access},
 year = {2018}
}

@article{randal2023you,
 author = {Randal, Allison},
 journal = {arXiv preprint arXiv:2309.03376},
 title = {This is how you lose the transient execution war},
 year = {2023}
}

@inproceedings{rane2015raccoon,
 author = {Rane, Ashay and Lin, Calvin and Tiwari, Mohit},
 booktitle = {USENIX},
 title = {Raccoon: Closing digital $\{$Side-Channels$\}$ through obfuscated execution},
 year = {2015}
}

@inproceedings{ranger2007evaluating,
 author = {Ranger, Colby and Raghuraman, Ramanan and Penmetsa, Arun and Bradski, Gary and Kozyrakis, Christos},
 booktitle = {High Performance Computer Architecture (HPCA)},
 title = {Evaluating mapreduce for multi-core and multiprocessor systems},
 year = {2007}
}

@article{Ranjith2012,
 author = {Ranjith, P. and Priya, Chandran and Shalini, Kaleeswaran},
 journal = {Journal in Computer Virology},
 month = {June},
 number = {3},
 pages = {85--97},
 title = {{On covert channels between virtual machines}},
 volume = {8},
 year = {2012}
}

@article{Rao2001,
 author = {Rao, Josyula R and Rohatgi, Pankaj},
 journal = {IACR Cryptology ePrint Archive},
 pages = {37},
 title = {{EMpowering Side-Channel Attacks}},
 volume = {2001},
 year = {2001}
}

@misc{RapidPrototypingGithub,
 author = {GitHub},
 title = {{Libtea and SCFirefox GitHub repository}},
 url = {https://github.com/libtea/frameworks},
 year = {2020}
}

@misc{RaplDriver2013,
 author = {Pan, Jacob},
 title = {{RAPL (Running Average Power Limit) driver}},
 url = {https://lwn.net/Articles/545745/},
 year = {2013}
}

@misc{raspberrypi3bp,
 author = {Raspberry Pi Foundation},
 title = {Raspberry Pi 3 Model B+},
 url = {https://www.raspberrypi.org/products/raspberry-pi-3-model-b-plus},
 year = {2018}
}

@inproceedings{Rauscher2024Idleleak,
 author = {Rauscher, Fabian and Kogler, Andreas and Juffinger, Jonas and Gruss, Daniel},
 booktitle = {{NDSS}},
 title = {{IdleLeak: Exploiting Idle State Side Effects for Information Leakage}},
 year = {2024}
}

@inproceedings{Rauscher2025Systematic,
 author = {Rauscher, Fabian and Fiedler, Carina and Kogler, Andreas and Gruss, Daniel},
 booktitle = {NDSS},
 title = {A Systematic Evaluation of Novel and Existing Cache Side Channels},
 year = {2025}
}

@inproceedings{Ravi2004tamper,
 author = {Ravi, Srivaths and Raghunathan, Anand and Chakradhar, Srimat},
 booktitle = {VLSI Design},
 title = {Tamper resistance mechanisms for secure embedded systems},
 year = {2004}
}

@inproceedings{Ravi2011,
 author = {Ravi, Vignesh T and Becchi, Michela and Agrawal, Gagan and Chakradhar, Srimat},
 booktitle = {Proceedings of the 20th international symposium on High-Performance Parallel and Distributed Computing (HPDC'11)},
 pages = {217--228},
 title = {{Supporting GPU Sharing in Cloud Environments with a Transparent Runtime Consolidation Framework}},
 year = {2011}
}

@inproceedings{ravichandran2022pacman,
 author = {Ravichandran, Joseph and Na, Weon Taek and Lang, Jay and Yan, Mengjia},
 booktitle = {ISCA},
 title = {PACMAN: attacking ARM pointer authentication with speculative execution},
 year = {2022}
}

@inproceedings{Rawat2017,
 author = {Rawat, Sanjay and Jain, Vivek and Kumar, Ashish and Cojocar, Lucian and Giuffrida, Cristiano and Bos, Herbert},
 booktitle = {{NDSS}},
 title = {{Vuzzer: Application-aware evolutionary fuzzing}},
 year = {2017}
}

@inproceedings{Razavi2016,
 author = {Kaveh Razavi and Ben Gras and Erik Bosman and Bart Preneel and Cristiano Giuffrida and Herbert Bos},
 booktitle = {USENIX Security Symposium},
 title = {Flip Feng Shui: Hammering a Needle in the Software Stack},
 year = {2016}
}

@inproceedings{Reardon2013,
 author = {Reardon, Joel and Basin, David and Capkun, Srdjan},
 booktitle = {S\&P'13},
 pages = {301--315},
 title = {{SoK: Secure Data Deletion}},
 year = {2013}
}

@inproceedings{Rebeiro2006,
 author = {Chester Rebeiro and A. David Selvakumar and A. S. L. Devi},
 booktitle = {{Cryptology and Network Security (CANS)}},
 title = {{Bitslice Implementation of AES}},
 year = {2006}
}

@inproceedings{Rebeiro2009,
 author = {Rebeiro, Chester and Mukhopadhyay, Debdeep and Takahashi, Junko and Fukunaga, Toshinori},
 booktitle = {International Conference on Cryptology in India},
 title = {Cache timing attacks on Clefia},
 year = {2009}
}

@online{Reddit2024F133,
 author = {joopdehoop},
 title = {{Firmware update for 'Chinese' F133 head unit}},
 url = {https://www.reddit.com/r/CarAV/comments/18ivjsg/firmware_update_for_chinese_f133_head_unit/},
 year = {2023}
}

@misc{RedHat2018Detector,
 author = {Red Hat},
 title = {{Spectre And Meltdown Detector}},
 url = {https://access.redhat.com/labsinfo/speculativeexecution},
 year = {2018}
}

@misc{RedHat2018Netspectre,
 author = {Masters, Jon},
 title = {{Thoughts on NetSpectre}},
 url = {https://www.redhat.com/en/blog/thoughts-netspectre},
 year = {2018}
}

@manual{RedHatKSM,
 author = {{Red Hat}},
 title = {{Red Hat Enterprise Linux 7 - Virtualization Tuning and Optimization Guide}},
 year = {2017}
}

@misc{Regenscheid2017Platform,
 author = {Regenscheid, Andrew},
 institution = {National Institute of Standards and Technology},
 title = {Platform firmware resiliency guidelines},
 year = {2017}
}

@article{Reid2017,
 author = {Reid, Alastair},
 journal = {Proceedings of the ACM on Programming Languages},
 number = {OOPSLA},
 publisher = {ACM},
 title = {{Who guards the guards? Formal validation of the Arm v8-M architecture specification}},
 volume = {1},
 year = {2017}
}

@inproceedings{Reinbrecht2016side,
 author = {Reinbrecht, Cezar and Susin, Altamiro and Bossuet, Lilian and Sigl, Georg and Sep{\'u}lveda, Johanna},
 booktitle = {Symposium on Integrated Circuits and Systems Design (SBCCI)},
 title = {Side channel attack on NoC-based MPSoCs are practical: NoC Prime+Probe attack},
 year = {2016}
}

@inproceedings{Reis2006,
 author = {Reis, Charles and Dunagan, John and Wang, Helen J. and Dubrovsky, Opher and Esmeir, Saher},
 booktitle = {USENIX Symposium on Operating Systems Design and Implementation},
 title = {BrowserShield: Vulnerability-driven Filtering of Dynamic HTML},
 year = {2006}
}

@inproceedings{Reis2009,
 author = {Reis, Charles and Gribble, Steven D},
 booktitle = {EuroSys},
 title = {{Isolating web programs in modern browser architectures}},
 year = {2009}
}

@misc{Reis2018siteisolation,
 author = {Charlie Reis},
 title = {Mitigating Spectre with Site Isolation in Chrome},
 url = {https://security.googleblog.com/2018/07/mitigating-spectre-with-site-isolation.html},
 year = {2018}
}

@inproceedings{Reis2019SiteIsolation,
 author = {Reis, Charles and Moshchuk, Alexander and Oskov, Nasko},
 booktitle = {USENIX Security Symposium},
 title = {{Site Isolation: Process Separation for Web Sites within the Browser}},
 year = {2019}
}

@inproceedings{Ren2015,
 author = {Ren, Chuangang and Zhang, Yulong and Xue, Hui and Wei, Tao and Liu, Peng},
 booktitle = {{USENIX Security Symposium}},
 title = {{Towards Discovering and Understanding Task Hijacking in Android}},
 year = {2015}
}

@misc{Renzelmann2009,
 author = {Matthew J. Renzelmann and Michael M. Swift},
 journal = {{USENIX ATC}},
 title = {{Decaf: Moving Device Drivers to a Modern Language}},
 year = {2009}
}

@inproceedings{Reparaz2017dude,
 author = {Reparaz, Oscar and Balasch, Josep and Verbauwhede, Ingrid},
 booktitle = {DATE},
 title = {Dude, is my code constant time?},
 year = {2017}
}

@misc{resnick2008rfc5322,
 author = {Resnick, Pete},
 title = {RFC5322: Internet Message Format},
 url = {https://datatracker.ietf.org/doc/html/rfc5322},
 year = {2008}
}

@misc{rfc7231,
 author = {Roy T. Fielding and Julian Reschke},
 doi = {10.17487/RFC7231},
 howpublished = {RFC 7231},
 month = {June},
 number = {7231},
 pagetotal = {101},
 series = {Request for Comments},
 title = {{Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content}},
 url = {https://www.rfc-editor.org/info/rfc7231},
 year = {2014}
}

@misc{rfc7517,
 author = {Michael B. Jones},
 doi = {10.17487/RFC7517},
 howpublished = {RFC 7517},
 number = {7517},
 publisher = {RFC Editor},
 series = {Request for Comments},
 title = {{JSON Web Key (JWK)}},
 url = {https://www.rfc-editor.org/info/rfc7517},
 year = {2015}
}

@article{Richard2011TwoSidedKS,
 author = {Richard, Simard and L’Ecuyer, Pierre},
 journal = {Journal of Statistical Software},
 month = {01},
 pages = {},
 title = {Computing the Two-Sided Kolmogorov-Smirnov Distribution},
 year = {2011}
}

@inproceedings{Richter2016,
 author = {Richter, Lars and G{\"o}tzfried, Johannes and M{\"u}ller, Tilo},
 booktitle = {SysTEX},
 title = {Isolating operating system components with intel sgx},
 year = {2016}
}

@misc{RidlGithub,
 author = {VUSec},
 title = {{RIDL test suite and exploits (GitHub)}},
 url = {https://github.com/vusec/ridl},
 year = {2020}
}

@misc{Rijmen2020ThresholdCryptography,
 author = {Rijmen, Vincent and Nikova, Svetla},
 publisher = {{COSIC}},
 title = {{Threshold Cryptography Against Physical Attacks}},
 url = {https://www.esat.kuleuven.be/cosic/events/tis-online-workshop/wp-content/uploads/sites/6/2020/07/Vincent_Rijmen.pdf},
 year = {2020}
}

@inproceedings{Rimmer2018automated,
 author = {Rimmer, Vera and Preuveneers, Davy and Juarez, Marc and Van Goethem, Tom and Joosen, Wouter},
 booktitle = {NDSS},
 title = {{Automated Website Fingerprinting through Deep Learning}},
 year = {2018}
}

@misc{Ringnalda2004Getting,
 author = {Phil Ringnalda},
 title = {{Getting around IE's MIME type mangling}},
 url = {http://weblog.philringnalda.com/2004/04/06/getting-around-ies-mime-type-mangling},
 year = {2004}
}

@misc{Rinne2018,
 author = {Thorsten Rinne},
 title = {phpMyFAQ - Open Source FAQ system for PHP and MySQL, PostgreSQL and other databases},
 url = {https://github.com/thorsten/phpMyFAQ},
 year = {2018}
}

@misc{Riscv-dv,
 author = {Google},
 title = {{RISCV-DV: SV/UVM based instruction generator for RISC-V processor verification}},
 url = {https://github.com/google/riscv-dv},
 year = {2019}
}

@misc{RISCV2022Boards,
 author = {RISC-V Foundation},
 title = {{RISC-V Exchange: Available Boards}},
 url = {https://riscv.org/exchanges/boards/},
 year = {2022}
}

@misc{RISCV2022KASLR,
 author = {{From: Zong Li}},
 title = {Support KASLR for RISC-V},
 url = {https://lore.kernel.org/all/cover.1584352425.git.zong.li@sifive.com/},
 year = {2022}
}

@misc{Riscv2022Opcodes,
 author = {RISC-V Foundation},
 title = {riscv-opcodes},
 url = {https://github.com/riscv/riscv-opcodes},
 year = {2022}
}

@misc{Riscv2023Archtests,
 author = {RISC-V Foundation},
 title = {{RISC-V Architecture Test SIG}},
 url = {https://github.com/riscv-non-isa/riscv-arch-test},
 year = {2023}
}

@misc{riscv2024gnu,
 author = {{RISC-V Collaboration}},
 title = {{riscv-gnu-toolchain}},
 url = {https://github.com/riscv-collab/riscv-gnu-toolchain},
 year = {2024}
}

@misc{riscv2024os,
 author = {{RISC-V International}},
 title = {{Operating Systems}},
 url = {https://wiki.riscv.org/display/HOME/Operating+Systems},
 year = {2024}
}

@misc{Riscv2024Spike,
 author = {RISC-V International},
 title = {Spike RISC-V ISA Simulator},
 url = {https://github.com/riscv-software-src/riscv-isa-sim},
 year = {2024}
}

@misc{RiscvEmbeddeds,
 author = {{RISC-V Foundation}},
 title = {{RISC-V Exchange}},
 url = {https://riscv.org/exchange/},
 year = {2023}
}

@misc{RiscvSBCs,
 author = {{Krimsky}},
 title = {{RISC-V Single Board Computers}},
 url = {http://krimsky.net/articles/riscvsbc.html},
 year = {2023}
}

@article{RiscvSpecDebug,
 editor = {Newsome, Tim and Wachs, Megan},
 publisher = {RISC-V Foundation},
 title = {{RISC-V External Debug Support, Version 0.13.2}},
 year = {2019}
}

@misc{RiscvSpecKernel,
 author = {Waterman, Andrew and Asanovi\'{c}, Krste and Hauser, John},
 publisher = {RISC-V Foundation},
 title = {{The RISC-V Instruction Set Manual Volume II: Privileged Architecture, Document Version 20211203}},
 year = {2021}
}

@article{RiscvSpecPrivileged,
 editor = {Waterman, Andrew and Asanovi\'{c}, Krste},
 publisher = {RISC-V Foundation},
 title = {{The RISC-V Instruction Set Manual, Vol. II: Privileged Architecture, Version 20190608-Priv-MSU-Ratified}},
 year = {2019}
}

@misc{RiscvSpecUser,
 author = {Waterman, Andrew and Asanovi\'{c}, Krste},
 publisher = {RISC-V Foundation},
 title = {{The RISC-V Instruction Set Manual, Vol. I: Unprivileged ISA, Version 20191213}},
 year = {2019}
}

@online{RiscVSpecVector,
 author = {RISC-V Foundation},
 title = {RISC-V "V" Vector Extension 1.0},
 url = {https://wiki.riscv.org/display/HOME/Ratified+Extensions},
 year = {2021}
}

@online{RiscVSpecVector071,
 author = {RISC-V Foundation},
 title = {RISC-V "V" Vector Extension 0.7.1},
 url = {https://github.com/riscv/riscv-v-spec/releases/tag/0.7.1},
 year = {2019}
}

@online{RiscVSpecZfh,
 author = {RISC-V Foundation},
 title = {RISC-V “Zfh” and “Zfhmin” Standard Extensions for Half-Precision Floating-Point, Version 1.0},
 url = {https://wiki.riscv.org/display/HOME/Recently+Ratified+Extensions},
 year = {2021}
}

@inproceedings{Ristenpart2009,
 author = {Ristenpart, Thomas and Tromer, Eran and Shacham, Hovav and Savage, Stefan},
 booktitle = {CCS},
 title = {{Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds}},
 year = {2009}
}

@misc{roberts2015namespaces,
 author = {Roberts, Harry},
 title = {{More Transparent UI Code with Namespaces}},
 url = {{https://csswizardry.com/2015/03/more-transparent-ui-code-with-namespaces/}},
 year = {2015}
}

@inproceedings{Roemer2012Return,
 author = {Roemer, Ryan and Buchanan, Erik and Shacham, Hovav and Savage, Stefan},
 booktitle = {ACM Transactions on Information and System Security (TISSEC)},
 title = {Return-oriented programming: Systems, languages, and applications},
 year = {2012}
}

@misc{Roettger2020ridl,
 author = {Stephen R{\"o}ttger},
 title = {{Escaping the Chrome Sandbox with RIDL}},
 url = {https://googleprojectzero.blogspot.com/2020/02/escaping-chrome-sandbox-with-ridl.html},
 year = {2020}
}

@misc{Roettger2021SpectreJS,
 author = {{Stephen R{\"o}ttger and Artur Janc}},
 title = {{A Spectre proof-of-concept for a Spectre-proof web}},
 url = {https://security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html},
 year = {2021}
}

@inproceedings{rogaway2004efficient,
 author = {Rogaway, Phillip},
 booktitle = {ASIACRYPT},
 title = {{Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC}},
 year = {2004}
}

@misc{rogueSystemRegRead2018,
 title = {Rogue system register read},
 url = {https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/rogue-system-register-read.html},
 year = {2018}
}

@inproceedings{Rohan2020Prefetch,
 author = {Rohan, Aditya and Panda, Biswabandan and Agarwal, Prakhar},
 booktitle = {SILM Workshop},
 title = {Reverse Engineering the Stream Prefetcher for Profit},
 year = {2020}
}

@inproceedings{Rokicki2020ghostbusters,
 author = {Rokicki, Simon},
 booktitle = {DATE},
 title = {{GhostBusters: Mitigating Spectre Attacks on a DBT-Based Processor}},
 year = {2020}
}

@inproceedings{Rokicki2022contention,
 author = {Rokicki, Thomas and Maurice, Cl{\'e}mentine and Botvinnik, Marina and Oren, Yossi},
 booktitle = {AsiaCCS},
 title = {Port contention goes portable: Port contention side channels in web browsers},
 year = {2022}
}

@inproceedings{Rokicki2022port,
 author = {Thomas Rokicki and Clémentine Maurice and Michael Schwarz},
 booktitle = {ESORICS},
 title = {{CPU Port Contention Without SMT}},
 year = {2022}
}

@inproceedings{romer2001information,
 author = {R{\"o}mer, Tanja and Seifert, Jean-Pierre},
 booktitle = {International Conference on Research in Smart Cards},
 organization = {Springer},
 pages = {211--219},
 title = {Information leakage attacks against smart card implementations of the elliptic curve digital signature algorithm},
 year = {2001}
}

@inproceedings{ronen20199,
 author = {Ronen, Eyal and Gillham, Robert and Genkin, Daniel and Shamir, Adi and Wong, David and Yarom, Yuval},
 booktitle = {IEEE Symposium on Security and Privacy},
 title = {{The 9 Lives of Bleichenbacher’s CAT: New Cache ATtacks on TLS Implementations}},
 year = {2019}
}

@misc{RootsecWebsite,
 author = {RootSec},
 note = {\url{https://roots.ec}},
 title = {{RootSec Research Group}},
 year = {2025}
}

@misc{Rosenberg2010,
 author = {Dan Rosenberg},
 month = {December},
 title = {kptr\_restrict for hiding kernel pointers},
 url = {https://lwn.net/Articles/420403/},
 year = {2010}
}

@article{Rotem2012,
 author = {Rotem, Efraim and Naveh, Alon and Ananthakrishnan, Avinash and Weissmann, Eliezer and Rajwan, Doron},
 journal = {{IEEE} Micro},
 title = {{Power-Management Architecture of the Intel Microarchitecture Code-Named Sandy Bridge}},
 year = {2012}
}

@inproceedings{Roth2020complex,
 author = {Roth, Sebastian and Barron, Timothy and Calzavara, Stefano and Nikiforakis, Nick and Stock, Ben},
 booktitle = {NDSS},
 title = {Complex security policy? a longitudinal analysis of deployed content security policies},
 year = {2020}
}

@inproceedings{Roth2021Usable,
 author = {Roth, Sebastian and Gröber, Lea and Backes, Michael and Krombholz, Katharina and Stock, Ben},
 booktitle = {{CCS}},
 title = {{12 Angry Developers – A Qualitative Study on Developers’ Struggles with CSP}},
 year = {2021}
}

@book{Rothstein1995,
 author = {Rothstein, Joseph},
 publisher = {Atlantic Books},
 title = {{MIDI}: a Comprehensive Introduction, 2nd ed.},
 year = {1995}
}

@misc{Rotithor2006,
 author = {Rotithor, Hemant G and Osborne, Randy B and Aboulenein, Nagi},
 month = {October},
 note = {US Patent 7,127,574},
 publisher = {Google Patents},
 title = {{Method and apparatus for out of order memory scheduling}},
 year = {2006}
}

@misc{RSA,
 author = {Ronald L. Rivest and Adi Shamir and Leonard M. Adleman},
 note = {US Patent Grant 1983-09-20},
 number = {US4405829A},
 title = {Cryptographic communications system and method},
 url = {https://patents.google.com/patent/US4405829},
 year = {1977}
}

@article{Rudesill2015deepweb,
 author = {Rudesill, Dakota S and Caverlee, James and Sui, Daniel},
 title = {{The Deep Web and the Darknet: A Look Inside the Internet's Massive Black Box}},
 year = {2015}
}

@inproceedings{Ruegge2025branch,
 author = {R{\"u}egge, Sandro and Wikner, Johannes and Razavi, Kaveh},
 booktitle = {USENIX Security Symposium},
 title = {Branch Privilege Injection: Compromising Spectre v2 Hardware Mitigations by Exploiting Branch Predictor Race Conditions},
 year = {2025}
}

@article{Ruhrmair2009,
 author = {R\"{u}hrmair, Ulrich and S\"{o}lter, Jan and Sehnke, Frank},
 journal = {IACR Cryptology ePrint Archive},
 title = {{On the Foundations of Physical Unclonable Functions}},
 year = {2009}
}

@inproceedings{Ruhrmair2010,
 author = {R\"{u}hrmair, Ulrich and Sehnke, Frank and S\"{o}lter, Jan and Dror, Gideon and Devadas, Srinivas and Schmidhuber, J\"{u}rgen},
 booktitle = {CCS'10},
 title = {{Modeling attacks on physical unclonable functions}},
 year = {2010}
}

@inproceedings{Ruhrmair2013,
 author = {R\"{u}hrmair, Ulrich and van Dijk, Marten},
 booktitle = {S\&P'13},
 pages = {286--300},
 title = {{PUFs in Security Protocols: Attack Models and Security Evaluations}},
 year = {2013}
}

@book{Rumelhart1986,
 editor = {Rumelhart, David E. and McClelland, James L. and PDP Research Group, CORPORATE},
 isbn = {0-262-68053-X},
 publisher = {MIT Press},
 title = {Parallel Distributed Processing: Explorations in the Microstructure of Cognition, Vol. 1: Foundations},
 year = {1986}
}

@misc{Russinovich1998,
 author = {Mark Russinovich},
 month = {August},
 title = {Inside Memory Management, Part 2},
 url = {https://www.itprotoday.com/management-mobility/inside-memory-management-part-2},
 year = {1998}
}

@misc{Russinovich2005,
 author = {Russinovich, Mark},
 month = {October},
 no-url = {https://blogs.technet.microsoft.com/markrussinovich/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far/},
 title = {{Sony, Rootkits and Digital Rights Management Gone Too Far}},
 year = {2005}
}

@misc{Russinovich2009PagePool,
 author = {Mark Russinovich},
 title = {{Pushing the Limits of Windows: Paged and Nonpaged Pool}},
 url = {https://blogs.technet.microsoft.com/markrussinovich/2009/03/10/pushing-the-limits-of-windows-paged-and-nonpaged-pool/},
 year = {2009}
}

@book{Russinovich2012,
 author = {Russinovich, Mark E and Solomon, David A and Ionescu, Alex},
 publisher = {Pearson Education},
 title = {Windows internals},
 year = {2012}
}

@misc{rust_blockciphers,
 author = {{Rust Crypto}},
 title = {{block-ciphers}},
 url = {https://github.com/RustCrypto/block-ciphers},
 year = {2024}
}

@inproceedings{Rutkowska2006,
 author = {Rutkowska, Joanna},
 booktitle = {Black Hat Briefings},
 title = {{Subverting Vista Kernel for Fun and Profit}},
 year = {2006}
}

@misc{Rutkowska2013,
 author = {Joanna Rutkowska},
 no-note = {Retrieved on October 20, 2016},
 no-url = {http://theinvisiblethings.blogspot.com/2013/09/},
 title = {{Thoughts on Intel's upcoming Software Guard Extensions (Part 2)}},
 year = {2013}
}

@inproceedings{Ryan2019hardware,
 author = {Ryan, Keegan},
 booktitle = {CCS},
 title = {{Hardware-Backed Heist: Extracting ECDSA Keys from Qualcomm's TrustZone}},
 year = {2019}
}

@article{ryan2019return,
 author = {Ryan, Keegan},
 journal = {IACR Transactions on Cryptographic Hardware and Embedded Systems},
 pages = {146--168},
 title = {{Return of the Hidden Number Problem.}},
 year = {2019}
}

@inproceedings{Rydstedt2010,
 author = {Rydstedt, Gustav and Gourdin, Baptiste and Bursztein, Elie and Boneh, Dan},
 booktitle = {{4th USENIX Conference on Offensive Technologies}},
 title = {{Framing attacks on smart phones and dumb routers: tap-jacking and geo-localization attacks}},
 year = {2010}
}

@article{Saab2016,
 author = {Sami Saab and Pankaj Rohatgi and Craig Hampel},
 journal = {IACR Cryptology ePrint Archive},
 title = {Side-Channel Protections for Cryptographic Instruction Set Extensions},
 url = {https://eprint.iacr.org/2016/700},
 year = {2016}
}

@article{Saab2016aes,
 author = {Saab, Sami and Rohatgi, Pankaj and Hampel, Craig},
 journal = {IACR Cryptology ePrint Archive},
 title = {{Side-Channel Protections for Cryptographic Instruction Set Extensions}},
 year = {2016}
}

@inproceedings{Saavedra1995,
 author = {Saavedra, R.H. and Smith, A.J.},
 booktitle = {IEEE Transactions on Computers},
 title = {Measuring cache and TLB performance and their effect on benchmark runtimes},
 year = {1995}
}

@inproceedings{Sabbagh2018,
 author = {Sabbagh, Majid and Fei, Yunsi and Wahl, Thomas and Ding, A. Adam},
 booktitle = {ICCAD},
 title = {{SCADET: A Side-Channel Attack Detection Tool for Tracking Prime+Probe}},
 year = {2018}
}

@inproceedings{sabbagh2018scadet,
 author = {Sabbagh, Majid and Fei, Yunsi and Wahl, Thomas and Ding, A Adam},
 booktitle = {ICCAD},
 title = {Scadet: A side-channel attack detection tool for tracking prime-probe},
 year = {2018}
}

@inproceedings{sabbagh2021sserv,
 author = {Majid Sabbagh, Yunsi Fei},
 booktitle = {Workshop on Computer Architecture Research with RISC-V (CARRV)},
 title = {Secure Speculative Execution via RISC-V Open Hardware Design},
 year = {2021}
}

@inproceedings{Sadeghi2004,
 author = {Sadeghi, Ahmad-Reza and Stuble, Christian},
 booktitle = {Proceedings of the 2004 workshop on New security paradigms},
 pages = {67--77},
 title = {{Property-based Attestation for Computing Platforms: Caring about properties, not mechanisms}},
 year = {2004}
}

@inproceedings{Sadeghi2021competition,
 author = {Sadeghi, Ahmad-Reza and Rajendran, Jeyavijayan and Kande, Rahul},
 booktitle = {Great Lakes Symposium on VLSI},
 title = {Organizing the world's largest hardware security competition: challenges, opportunities, and lessons learned},
 year = {2021}
}

@misc{sage2022math,
 author = {The Sage Developers and William Stein and David Joyner and David Kohel and John Cremona and Eröcal, Burçin},
 title = {{SageMath, version 9.7}},
 url = {http://www.sagemath.org},
 year = {2022}
}

@manual{sagemath,
 author = {{The Sage Developers}},
 key = {SageMath},
 note = {{\tt https://www.sagemath.org}},
 title = {{S}ageMath, the {S}age {M}athematics {S}oftware {S}ystem ({V}ersion 8.4)},
 year = {2019}
}

@misc{Sager2002way,
 author = {Sager, David J and Hinton, Glenn J},
 note = {US Patent 6,425,055},
 publisher = {Google Patents},
 title = {Way-predicting cache memory},
 year = {2002}
}

@inproceedings{Sahin2017SoK,
 author = {Sahin, Merve and Francillon, Aurélien and Gupta, Payas and Ahamad, Mustaque},
 booktitle = {EuroS\&P},
 title = {SoK: Fraud in Telephony Networks},
 year = {2017}
}

@inproceedings{Sahin2018,
 author = {Sahin, Onur and Coskun, Ayse K and Egele, Manuel},
 booktitle = {International Symposium on Research in Attacks, Intrusions, and Defenses},
 organization = {Springer},
 title = {Proteus: Detecting Android Emulators from Instruction-Level Profiles},
 year = {2018}
}

@inproceedings{Saileshwar2019,
 author = {Saileshwar, Gururaj and Qureshi, Moinuddin K},
 booktitle = {MICRO},
 title = {CleanupSpec: An ``Undo'' Approach to Safe Speculation},
 year = {2019}
}

@inproceedings{Saileshwar2021Mirage,
 author = {Saileshwar, Gururaj and Qureshi, Moinuddin},
 booktitle = {USENIX Security Symposium},
 title = {{MIRAGE}: Mitigating Conflict-Based Cache Attacks with a Practical Fully-Associative Design},
 year = {2021}
}

@inproceedings{Saito2016fingerprint,
 author = {Saito, Takamichi and Yasuda, Koki and Ishikawa, Takayuki and Hosoi, Rio and Takahashi, Kazushi and Chen, Yongyan and Zalasiński, Marcin},
 booktitle = {International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS)},
 title = {Estimating CPU Features by Browser Fingerprinting},
 year = {2016}
}

@inproceedings{Saito2018web,
 author = {Takamichi Saito and
Koki Yasuda and
Kazuhisa Tanabe and
Kazushi Takahashi},
 booktitle = {International Conference on Broad-Band Wireless
Computing, Communication and Applications, {BWCCA}},
 title = {Web Browser Tampering: Inspecting {CPU} Features from Side-Channel
Information},
 year = {2017}
}

@inproceedings{Saito2019,
 author = {Saito, Takamichi and Noda, Takafumi and Hosoya, Ryohei and Tanabe, Kazuhisa and Saito, Yuta},
 booktitle = {Advances in Network-Based Information Systems (NBiS)},
 title = {On Estimating Platforms of Web User with JavaScript Math Object},
 year = {2019}
}

@inproceedings{Sakalis2019efficient,
 author = {Sakalis, Christos and Kaxiras, Stefanos and Ros, Alberto and Jimborean, Alexandra and Sj{\"a}lander, Magnus},
 booktitle = {ISCA},
 title = {Efficient invisible speculative execution through selective delay and value prediction},
 year = {2019}
}

@inproceedings{Sakalis2019ghost,
 author = {Sakalis, Christos and Alipour, Mehdi and Ros, Alberto and Jimborean, Alexandra and Kaxiras, Stefanos and Sj{\"a}lander, Magnus},
 booktitle = {International Conference on Computing Frontiers},
 title = {Ghost loads: what is the cost of invisible speculation?},
 year = {2019}
}

@article{Salaun2009,
 author = {Sala\"{u}n, Micka\"{e}l},
 journal = {Journal in Computer Virology},
 month = {August},
 number = {4},
 pages = {317--328},
 title = {{Practical overview of a Xen covert channel}},
 volume = {6},
 year = {2010}
}

@article{Saltzer1975,
 author = {Jerome H. Saltzer and
Michael D. Schroeder},
 journal = {Proceedings of the {IEEE}},
 number = {9},
 pages = {1278--1308},
 title = {The protection of information in computer systems},
 volume = {63},
 year = {1975}
}

@inproceedings{SamsungExynosM1,
 author = {Brad Burgess},
 booktitle = {IEEE Hot Chips},
 title = {{Samsung Exynos M1 Processor}},
 url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7936205},
 year = {2016}
}

@inproceedings{Samuel2010TUF,
 author = {Samuel, Justin and Mathewson, Nick and Cappos, Justin and Dingledine, Roger},
 booktitle = {CCS},
 title = {Survivable key compromise in software update systems},
 year = {2010}
}

@inproceedings{Sanchez2010,
 author = {Sanchez, Fernando and Duan, Zhenhai and Dong, Yingfei},
 booktitle = {{Annual Collaboration, Electronic Messaging, Anti-Abuse and Spam Conference (CEAS)}},
 title = {{Understanding forgery properties of spam delivery paths}},
 year = {2010}
}

@inproceedings{Sanchez2010zcache,
 author = {Sanchez, Daniel and Kozyrakis, Christos},
 booktitle = {MICRO},
 title = {The ZCache: Decoupling ways and associativity},
 year = {2010}
}

@inproceedings{Sanchez2011Vantage,
 author = {Sanchez, Daniel and Kozyrakis, Christos},
 booktitle = {Proceedings of the annual international symposium on Computer architecture},
 title = {{Vantage: Scalable and efficient fine-grain cache partitioning}},
 year = {2011}
}

@inproceedings{SanchezRola2018fingerprint,
 author = {Sanchez-Rola, Iskander and Santos, Igor and Balzarotti, Davide},
 booktitle = {CCS},
 title = {Clock Around the Clock: Time-Based Device Fingerprinting},
 year = {2018}
}

@inproceedings{sandberg2015full,
 author = {Sandberg, Andreas and Nikoleris, Nikos and Carlson, Trevor E and Hagersten, Erik and Kaxiras, Stefanos and Black-Schaffer, David},
 booktitle = {IEEE},
 organization = {IEEE},
 title = {Full speed ahead: Detailed architectural simulation at near-native speed},
 year = {2015}
}

@inproceedings{Sang2024Sense,
 author = {Sang, Fan and Lee, Jaehyuk and Zhang, Xiaokuan and Xu, Meng and Constable, Scott and Xiao, Yuan and Steiner, Michael and Vij, Mona and Kim, Taesoo},
 booktitle = {NDSS},
 title = {{SENSE: Enhancing Microarchitectural Awareness for TEEs via Subscription-Based Notification}},
 year = {2024}
}

@inproceedings{Santos2008,
 author = {Santos, JR and Turner, Yoshio and Janakiraman, G. John and Pratt, Ian},
 booktitle = {Proceedings of the 2008 USENIX Annual Technical Conference (USENIX ATC'08)},
 pages = {29--42},
 title = {{Bridging the gap between software and hardware techniques for i/o virtualization}},
 year = {2008}
}

@inproceedings{Santos2009,
 author = {Santos, Nuno and Gummadi, Krishna P and Rodrigues, Rodrigo},
 booktitle = {Proceedings of the 2009 USENIX conference on Hot Topics in Cloud Computing},
 title = {{Towards Trusted Cloud Computing}},
 year = {2009}
}

@inproceedings{Santos2012,
 author = {Santos, Nuno and Rodrigues, Rodrigo and Gummadi, Krishna P and Saroiu, Stefan},
 booktitle = {USENIX Security Symposium},
 title = {{Policy-sealed data: A new abstraction for building trusted cloud services}},
 year = {2012}
}

@inproceedings{Saraswat2014,
 author = {Saraswat, Vishal and Feldman, Daniel and Kune, Denis Foo and Das, Satyajit},
 booktitle = {Workshop on Cryptography and Security in Computing Systems},
 title = {Remote Cache-timing Attacks Against AES},
 year = {2014}
}

@article{Savage1997,
 author = {Savage, Stefan and Burrows, Michael and Nelson, Greg and Sobalvarro, Patrick and Anderson, Thomas},
 journal = {ACM Transactions on Computer Systems},
 title = {Eraser: A Dynamic Data Race Detector for Multithreaded Programs},
 year = {1997}
}

@misc{savage2020,
 author = {Savage, Matthew},
 title = {{PlaidCTF 2020: Catalog Writeup}},
 url = {https://dttw.tech/posts/B19RXWzYL},
 year = {2020}
}

@inproceedings{Saxena2010Flax,
 author = {Saxena, Prateek and Hanna, Steve and Poosankam, Pongsin and Song, Dawn},
 booktitle = {{NDSS}},
 title = {{FLAX: Systematic Discovery of Client-side Validation Vulnerabilities in Rich Web Applications}},
 year = {2010}
}

@inproceedings{saxena2023pt,
 author = {Saxena, Anish and Saileshwar, Gururaj and Juffinger, Jonas and Kogler, Andreas and Gruss, Daniel and Qureshi, Moinuddin},
 booktitle = {DSN},
 title = {Pt-guard: Integrity-protected page tables to defend against breakthrough rowhammer attacks},
 year = {2023}
}

@online{Scaleway2024C910Cloud,
 author = {Scaleway},
 title = {{The world's first RISC-V servers available in the cloud}},
 url = {https://labs.scaleway.com/en/em-rv1/},
 year = {2024}
}

@misc{ScalewayRiscv,
 author = {{Scaleway}},
 title = {{Elastic Metal RV1 - The world's first RISC-V servers available in the cloud.}},
 url = {https://labs.scaleway.com/en/em-rv1/},
 year = {2023}
}

@incollection{scarlata2008tpm,
 author = {Scarlata, Vincent and Rozas, Carlos and Wiseman, Monty and Grawrock, David and Vishik, Claire},
 booktitle = {Trusted Computing},
 pages = {43--56},
 publisher = {Springer},
 title = {{TPM virtualization: Building a general framework}},
 year = {2008}
}

@misc{schaad2019rfc8551,
 author = {Jim Schaad and Blake C. Ramsdell and Sean Turner},
 title = {RFC8551: Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Message Specification},
 url = {https://datatracker.ietf.org/doc/html/rfc8551},
 year = {2019}
}

@inproceedings{Schaller2017,
 author = {Schaller, Andre and Xiong, Wenjie and Anagnostopoulos, Nikolaos Athanasios and Saleem, Muhammad Umair and Gabmeyer, Sebastian and Katzenbeisser, Stefan and Szefer, Jakub},
 booktitle = {{Hardware Oriented Security and Trust (HOST}},
 title = {{Intrinsic Rowhammer PUFs: Leveraging the Rowhammer effect for improved security}},
 year = {2017}
}

@misc{Schapire97boosting,
 author = {Schapire, Robert E. and Freund, Yoav and Bartlett, Peter and Lee, Wee Sun},
 title = {Boosting the Margin: A New Explanation for the Effectiveness of Voting Methods},
 year = {1997}
}

@inproceedings{Scharnowski2022Fuzzware,
 author = {Scharnowski, Tobias and Bars, Nils and Schloegel, Moritz and Gustafson, Eric and Muench, Marius and Vigna, Giovanni and Kruegel, Christopher and Holz, Thorsten and Abbasi, Ali},
 booktitle = {USENIX Security},
 title = {Fuzzware: Using Precise {MMIO} Modeling for Effective Firmware Fuzzing},
 year = {2022}
}

@inproceedings{schellenberg2018remote,
 author = {Schellenberg, Falk and Gnad, Dennis RE and Moradi, Amir and Tahoori, Mehdi B},
 booktitle = {2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD)},
 organization = {IEEE},
 pages = {1--7},
 title = {Remote inter-chip power analysis side-channel attacks at board-level},
 year = {2018}
}

@misc{Schenk2019,
 author = {Morten Schenk},
 title = {{Development of a new Windows 10 KASLR Bypass (in One WinDBG Command)}},
 url = {https://www.offensive-security.com/vulndev/development-of-a-new-windows-10-kaslr-bypass-in-one-windbg-command/},
 year = {2019}
}

@inproceedings{Schindler2015,
 author = {Schindler, Werner},
 booktitle = {International Workshop on Cryptographic Hardware and Embedded Systems},
 title = {{Exclusive Exponent Blinding May Not Suffice to Prevent Timing Attacks on RSA}},
 year = {2015}
}

@inproceedings{schink2019taking,
 author = {Schink, Marc and Obermaier, Johannes},
 booktitle = {{USENIX WOOT}},
 title = {Taking a look into {Execute-Only} memory},
 year = {2019}
}

@inproceedings{schloegel2022loki,
 author = {Schloegel, Moritz and Blazytko, Tim and Contag, Moritz and Aschermann, Cornelius and Basler, Julius and Holz, Thorsten and Abbasi, Ali},
 booktitle = {{USENIX Security}},
 title = {Loki: Hardening code obfuscation against automated attacks},
 year = {2022}
}

@inproceedings{Schlosser2012,
 author = {Schlösser, Alexander and Nedospasov, Dmitry and Krämer, Juliane and Orlic, Susanna and Seifert, Jean-Pierre},
 booktitle = {CHES'12},
 title = {{Simple Photonic Emission Analysis of AES}},
 year = {2012}
}

@inproceedings{Schlueter2023FetchBench,
 author = {Till Schlüter and Amit Choudhari and Lorenz Hetterich and Leon Trampert and Hamed Nemati and Ahmad Ibrahim and Michael Schwarz and Christian Rossow and Nils Ole Tippenhauer},
 booktitle = {CCS},
 title = {{FetchBench: Systematic Identification and Characterization of Proprietary Prefetchers}},
 year = {2023}
}

@inproceedings{Schlueter2024heckler,
 author = {Schl{\"u}ter, Benedict and Sridhara, Supraja and Kuhne, Mark and Bertschi, Andrin and Shinde, Shweta},
 booktitle = {USENIX Security},
 title = {{HECKLER}: Breaking Confidential VMs with Malicious Interrupts},
 year = {2024}
}

@inproceedings{Schlueter2024wesee,
 author = {Schl{\"u}ter, Benedict and Sridhara, Supraja and Bertschi, Andrin and Shinde, Shweta},
 booktitle = {S\&P},
 title = {Wesee: Using malicious\# vc interrupts to break amd sev-snp},
 year = {2024}
}

@article{schluter2025prefence,
 author = {Schl{\"u}ter, Till and Tippenhauer, Nils Ole},
 publisher = {CISPA},
 title = {PreFence: A Fine-Grained and Scheduling-Aware Defense Against Prefetching-Based Attacks},
 year = {2025}
}

@article{Schlyter2012,
 author = {Schlyter, Jakob and Hoffman, Paul},
 title = {{The DNS-based authentication of named entities (DANE) transport layer security (TLS) protocol: TLSA}},
 year = {2012}
}

@misc{Schmid2007,
 author = {Patrick Schmid},
 month = {January},
 title = {Windows Vista's SuperFetch and ReadyBoost Analyzed},
 url = {https://www.tomshardware.com/reviews/windows-vista-superfetch-and-readyboostanalyzed,1532-2.html},
 year = {2007}
}

@inproceedings{schneider2015leakage,
 author = {Schneider, Tobias and Moradi, Amir},
 booktitle = {CHES},
 title = {{Leakage assessment methodology: A clear roadmap for side-channel evaluations}},
 year = {2015}
}

@article{schneider2024breaking,
 author = {Schneider, Moritz and Lain, Daniele and Puddu, Ivan and Dutly, Nicolas and Capkun, Srdjan},
 journal = {arXiv preprint arXiv:2410.13489},
 title = {Breaking Bad: How Compilers Break Constant-Time\~{} Implementations},
 year = {2024}
}

@article{Schneier2013tor,
 author = {Schneier, Bruce},
 journal = {The Guardian},
 title = {{Attacking Tor: how the NSA targets users' online anonymity}},
 volume = {4},
 year = {2013}
}

@inproceedings{Schoenherr2013,
 author = {J. H. {Schönherr} and B. {Juurlink} and J. {Richling}},
 booktitle = {6th International Workshop on Multi-/Many-core Computing Systems (MuCoCoS)},
 title = {Topology-aware equipartitioning with coscheduling on multicore systems},
 year = {2013}
}

@inproceedings{Schrammel2020Donky,
 author = {Schrammel, David and Weiser, Samuel and Steinegger, Stefan and Schwarzl, Martin and Schwarz, Michael and Mangard, Stefan and Gruss, Daniel},
 booktitle = {USENIX Security Symposium},
 title = {{Donky: Domain Keys--Efficient In-Process Isolation for RISC-V and x86}},
 year = {2020}
}

@article{schroder2024divide,
 author = {Schr{\"o}der, Robin Leander and Gast, Stefan and Guo, Qian},
 journal = {Cryptology ePrint Archive},
 title = {Divide and surrender: Exploiting variable division instruction timing in hqc key recovery attacks},
 year = {2024}
}

@misc{Schuh2020private,
 author = {Justin Schuh},
 title = {{Building a more private web: A path towards making third party cookies obsolete }},
 url = {{https://blog.chromium.org/2020/01/building-more-private-web-path-towards.html}},
 year = {2020}
}

@misc{Schuh2023private,
 author = {Justin Schuh},
 title = {{Building a more private web: A path towards making third party cookies obsolete }},
 url = {{https://blog.chromium.org/2020/01/building-more-private-web-path-towards.html}},
 year = {2020}
}

@inproceedings{Schulz2011,
 author = {Schulz, Steffen and Wachsmann, Christian and Sadeghi, Ahmad-Reza},
 booktitle = {WiSec},
 title = {{Lightweight Remote Attestation using Physical Functions}},
 year = {2011}
}

@misc{schurmann2021openpgp,
 author = {Sch{\"u}rmann, Dominik},
 title = {{openpgp.org - Software}},
 url = {https://www.openpgp.org/software/},
 year = {2021}
}

@inproceedings{Schuster2015COOP,
 author = {Felix Schuster and
Thomas Tendyck and
Christopher Liebchen and
Lucas Davi and
Ahmad{-}Reza Sadeghi and
Thorsten Holz},
 booktitle = {{S\&P}},
 title = {Counterfeit Object-oriented Programming: On the Difficulty of Preventing
Code Reuse Attacks in {C++} Applications},
 year = {2015}
}

@inproceedings{Schuster2015VC3,
 author = {Schuster, Felix and Costa, Manuel and Fournet, C\'{e}dric and Gkantsidis, Christos and Peinado, Marcus and Mainar-Ruiz, Gloria and Russinovich, Mark},
 booktitle = {S\&P},
 title = {{VC3: trustworthy data analytics in the cloud using SGX}},
 year = {2015}
}

@inproceedings{Schwartz2010,
 author = {Schwartz, Edward J and Avgerinos, Thanassis and Brumley, David},
 booktitle = {S\&P},
 title = {{All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask)}},
 year = {2010}
}

@inproceedings{Schwarz2005,
 author = {Schwarz, Benjamin and Chen, Hao and Wagner, David and Morrison, Geoff and West, Jacob and Lin, Jeremy and Tu, Wei},
 booktitle = {{Computer Security Applications Conference, 21st Annual}},
 title = {{Model checking an entire linux distribution for security violations}},
 year = {2005}
}

@inproceedings{Schwarz2017MGX,
 author = {Schwarz, Michael and Gruss, Daniel and Weiser, Samuel and Maurice, Clémentine and Mangard, Stefan},
 booktitle = {DIMVA},
 title = {{Malware Guard Extension: Using SGX to Conceal Cache Attacks}},
 year = {2017}
}

@inproceedings{Schwarz2017SGX,
 author = {Michael Schwarz and Samuel Weiser and Daniel Gruss and Clémentine Maurice and Stefan Mangard},
 booktitle = {DIMVA},
 title = {{Malware Guard Extension: Using SGX to Conceal Cache Attacks}},
 year = {2017}
}

@inproceedings{Schwarz2017Timers,
 author = {Schwarz, Michael and Maurice, Clémentine and Gruss, Daniel and Mangard, Stefan},
 booktitle = {FC},
 title = {{Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript}},
 year = {2017}
}

@article{Schwarz2018DF,
 author = {Schwarz, Michael and Gruss, Daniel and Lipp, Moritz and Clémentine, Maurice and Schuster, Thomas and Fogh, Anders and Mangard, Stefan},
 journal = {AsiaCCS},
 title = {{Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features}},
 year = {2018}
}

@inproceedings{Schwarz2018jstemplate,
 author = {Schwarz, Michael and Lackner, Florian and Gruss, Daniel},
 booktitle = {NDSS},
 title = {{JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits}},
 year = {2019}
}

@inproceedings{Schwarz2018JSZ,
 author = {Michael Schwarz and Moritz Lipp and Daniel Gruss},
 booktitle = {NDSS},
 title = {{JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks}},
 year = {2018}
}

@inproceedings{Schwarz2018KeyDrown,
 author = {Michael Schwarz and Moritz Lipp and Daniel Gruss and Samuel Weiser and Clémentine Maurice and Raphael Spreitzer and Stefan Mangard},
 booktitle = {NDSS},
 title = {{KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks}},
 year = {2018}
}

@article{Schwarz2019Context,
 author = {Schwarz, Michael and Schilling, Robert and Kargl, Florian and Lipp, Moritz  and Canella, Claudio and Gruss, Daniel},
 journal = {arXiv:1905.09100},
 title = {{ConTExT: Leakage-Free Transient Execution}},
 year = {2019}
}

@inproceedings{Schwarz2019netspectre,
 author = {Schwarz, Michael and Schwarzl, Martin and Lipp, Moritz and Gruss, Daniel},
 booktitle = {ESORICS},
 title = {{NetSpectre: Read Arbitrary Memory over Network}},
 year = {2019}
}

@misc{Schwarz2019RootHash,
 author = {Michael Schwarz},
 month = {May},
 url = {https://twitter.com/misc0110/status/1129305720770498561},
 year = {2019}
}

@inproceedings{Schwarz2019SGXMalware,
 author = {Michael Schwarz and Samuel Weiser and Daniel Gruss},
 booktitle = {DIMVA},
 title = {{Practical Enclave Malware with Intel SGX}},
 year = {2019}
}

@article{Schwarz2019STL,
 author = {Schwarz, Michael and Canella, Claudio and Giner, Lukas and Gruss, Daniel},
 journal = {arXiv:1905.05725},
 title = {{Store-to-Leak Forwarding: Leaking Data on Meltdown-resistant CPUs}},
 year = {2019}
}

@phdthesis{Schwarz2019Thesis,
 author = {Schwarz, Michael},
 school = {Graz University of Technology},
 title = {{Software-based Side-Channel Attacks and Defenses in Restricted Environments}},
 year = {2019}
}

@inproceedings{Schwarz2019ZL,
 author = {Schwarz, Michael and Lipp, Moritz and Moghimi, Daniel and Van Bulck, Jo and Stecklina, Julian and Prescher, Thomas and Gruss, Daniel},
 booktitle = {CCS},
 title = {{ZombieLoad: Cross-Privilege-Boundary Data Sampling}},
 year = {2019}
}

@inproceedings{Schwarz2020Context,
 author = {Schwarz, Michael and Lipp, Moritz and Canella, Claudio and Schilling, Robert and Kargl, Florian and Gruss, Daniel},
 booktitle = {NDSS},
 title = {{ConTExT: A Generic Approach for Mitigating Spectre}},
 year = {2020}
}

@article{Schwarz2020malware,
 author = {Schwarz, Michael and Weiser, Samuel and Gruss, Daniel and Maurice, Cl{\'e}\-men\-ti\-ne and Mangard, Stefan},
 journal = {Cybersecurity},
 number = {1},
 pages = {2},
 publisher = {Springer},
 title = {Malware Guard Extension: abusing Intel SGX to conceal cache attacks},
 volume = {3},
 year = {2020}
}

@article{Schwarz2020trusted,
 author = {Schwarz, Michael and Gruss, Daniel},
 journal = {IEEE Security \& Privacy},
 title = {{How Trusted Execution Environments Fuel Research on Microarchitectural Attacks}},
 year = {2020}
}

@book{Schwarz2024cysec2,
 author = {Michael Schwarz},
 publisher = {Michael Schwarz},
 title = {Foundations of Cyber Security 2: Lecture Notes},
 year = {2024}
}

@article{Schwarzl2020Prefetch,
 author = {Schwarzl, Martin and Schuster, Thomas and Schwarz, Michael and Gruss, Daniel},
 journal = {{arXiv 2008.02307}},
 title = {{Speculative Dereferencing of Registers: Reviving Foreshadow}},
 year = {2020}
}

@inproceedings{Schwarzl2021dynamic,
 author = {Schwarzl, Martin and Borrello, Pietro and Kogler, Andreas and Varda, Kenton and Schuster, Thomas and Gruss, Daniel and Schwarz, Michael},
 booktitle = {ESORICS},
 title = {Robust and Scalable Process Isolation against Spectre in the Cloud},
 year = {2022}
}

@inproceedings{Schwarzl2021Specfuscator,
 author = {Martin Schwarzl and Claudio Canella and Daniel Gruss and Michael Schwarz},
 booktitle = {FC},
 title = {{Specfuscator: Evaluating Branch Removal as a Spectre Mitigation}},
 year = {2021}
}

@inproceedings{Schwarzl2021Speculative,
 author = {Schwarzl, Martin and Schuster, Thomas and Schwarz, Michael and Gruss, Daniel},
 booktitle = {{FC}},
 title = {{Speculative Dereferencing of Registers: Reviving Foreshadow}},
 year = {2021}
}

@inproceedings{Schwarzl2023Compression,
 author = {Martin Schwarzl and Pietro Borrello and Gururaj Saileshwar and Hanna Müller and Michael Schwarz and Daniel Gruss},
 booktitle = {S\&P},
 title = {{Practical Timing Side-Channel Attacks on Memory Compression}},
 year = {2023}
}

@misc{SchwarzPteditor,
 author = {Michael Schwarz and Moritz Lipp and Claudio Canella},
 title = {{misc0110/PTEditor: A small library to modify all page-table levels of all processes from user space for x86\_64 and ARMv8}},
 url = {https://github.com/misc0110/PTEditor},
 year = {2018}
}

@inproceedings{Seaborn2015BH,
 author = {Seaborn, Mark and Dullien, Thomas},
 booktitle = {Black Hat Briefings},
 title = {Exploiting the {DRAM} rowhammer bug to gain kernel privileges},
 year = {2015}
}

@misc{Seaborn2015CachedRowhammer,
 author = {Mark Seaborn},
 month = {August},
 title = {{cached\_rowhammer.cc}},
 url = {https://github.com/google/rowhammer-test/blob/c1d2bd9f629281402c10bb10e52bc1f1faf59cc4/cached_rowhammer/cached_rowhammer.cc},
 year = {2015}
}

@misc{Seaborn2015DRAMmap,
 author = {Mark Seaborn},
 title = {{How physical addresses map to rows and banks in DRAM}},
 url = {http://lackingrhoticity.blogspot.com/2015/05/how-physical-addresses-map-to-rows-and-banks.html},
 year = {2015}
}

@article{seaborn2015exploiting,
 author = {Seaborn, Mark and Dullien, Thomas},
 journal = {Black Hat},
 title = {Exploiting the DRAM rowhammer bug to gain kernel privileges},
 year = {2015}
}

@misc{Seaborn2015rev,
 author = {Mark Seaborn},
 month = {April},
 note = {Retrieved on June 26, 2015},
 title = {{L3 cache mapping on Sandy Bridge CPUs}},
 url = {http://lackingrhoticity.blogspot.com/2015/04/l3-cache-mapping-on-sandy-bridge-cpus.html},
 year = {2015}
}

@misc{Seaborn2015row,
 author = {Mark Seaborn},
 month = {March},
 note = {Retrieved on June 26, 2015},
 title = {{Exploiting the DRAM rowhammer bug to gain kernel privileges}},
 url = {http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html},
 year = {2015}
}

@manual{seccomp,
 month = {03},
 note = {Available at \url{http://man7.org/linux/man-pages/man2/seccomp.2.html}},
 title = {seccomp(2) Linux Programmer's Manual},
 year = {2020}
}

@article{seccompbpf,
 note = {Accessed 2025-08-04},
 organization = {The Linux Kernel Developers},
 title = {{Seccomp BPF (SECure COMPuting with filters)}},
 url = {https://www.kernel.org/doc/html/v6.8/userspace-api/seccomp_filter.html},
 year = {2025}
}

@inproceedings{Semal2020covert,
 author = {Semal, Benjamin and Markantonakis, Konstantinos and Mayes, Keith and Kalbantner, Jan},
 booktitle = {TrustCom},
 title = {One Covert Channel to Rule Them All: A Practical Approach to Data Exfiltration in the Cloud},
 year = {2020}
}

@misc{SensePost2020BoundsCheckElim,
 author = {{Sense Post}},
 title = {{Intro to Chromes V8 from an Exploit Development Angle}},
 url = {https://sensepost.com/blog/2020/intro-to-chromes-v8-from-an-exploit-development-angle/},
 year = {2020}
}

@inproceedings{seo2017sgx,
 author = {Seo, Jaebaek and Lee, Byoungyoung and Kim, Seong Min and Shih, Ming-Wei and Shin, Insik and Han, Dongsu and Kim, Taesoo},
 booktitle = {NDSS},
 title = {SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs.},
 year = {2017}
}

@inproceedings{Serebryany2012,
 author = {Serebryany, Konstantin and Bruening, Derek and Potapenko, Alexander and Vyukov, Dmitriy},
 booktitle = {{USENIX Annual Technical Conference}},
 pages = {309--318},
 title = {{AddressSanitizer: A Fast Address Sanity Checker.}},
 year = {2012}
}

@misc{serebryany2017oss,
 author = {Serebryany, Kostya},
 title = {OSS-Fuzz - Google's continuous fuzzing service for open source software},
 url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/serebryany},
 year = {2017}
}

@inproceedings{Serebryany2017Oss,
 author = {Serebryany, Kostya},
 booktitle = {{USENIX Security Symposium}},
 title = {{OSS-Fuzz -- Google's continuous fuzzing service for open source software}},
 year = {2017}
}

@article{Serebryany2021Silifuzz,
 author = {Serebryany, Kostya and Lifantsev, Maxim and Shtoyk, Konstantin and Kwan, Doug and Hochschild, Peter},
 journal = {arXiv:2110.11519},
 title = {Silifuzz: Fuzzing cpus by proxy},
 year = {2021}
}

@article{serebryany2021silifuzz,
 author = {Serebryany, Kostya and Lifantsev, Maxim and Shtoyk, Konstantin and Kwan, Doug and Hochschild, Peter},
 journal = {arXiv preprint arXiv:2110.11519},
 title = {Silifuzz: Fuzzing cpus by proxy},
 year = {2021}
}

@misc{Serna2008,
 author = {Serna, Fermin J},
 title = {{MS08-061 : The case of the kernel mode double-fetch}},
 url = {https://blogs.technet.microsoft.com/srd/2008/10/14/ms08-061-the-case-of-the-kernel-mode-double-fetch/},
 year = {2008}
}

@inproceedings{Seshadri2004,
 author = {Seshadri, Arvind and Perrig, Adrian and van Doorn, Leendert and Khosla, Pradeep},
 booktitle = {S\&P'04},
 pages = {272--282},
 title = {{SWATT: software-based attestation for embedded devices}},
 year = {2004}
}

@article{Severinsen2017,
 author = {Severinsen, Kristoffer and Johansen, Christian and Bursuc, Sergiu},
 journal = {Security Principles and Trust Hotspot 2017},
 title = {Securing the End-points of the Signal Protocol using Intel SGX based Containers},
 year = {2017}
}

@inproceedings{seyedzadeh2018mitigating,
 author = {Seyedzadeh, Seyed Mohammad and Jones, Alex K and Melhem, Rami},
 booktitle = {ISCA},
 organization = {IEEE},
 title = {Mitigating wordline crosstalk using adaptive trees of counters},
 year = {2018}
}

@misc{sgx_nbench,
 author = {{utds3lab}},
 title = {{Adaptation of nbench-byte-2.2.3 for Intel SGX}},
 url = {https://github.com/utds3lab/sgx-nbench},
 year = {2017}
}

@misc{sgxbench,
 author = {Quinonez, Raul},
 title = {{SGXBENCH framework for benchmarking SGX enclaves}},
 url = {https://github.com/sgxbench/sgxbench},
 year = {2018}
}

@misc{sgxdeveloperref,
 author = {{Intel}},
 month = {May},
 note = {Rev 1.5},
 title = {Intel {{Software Guard Extensions SDK for Linux OS Developer Reference}}},
 year = {2016}
}

@misc{sgxtutorial,
 author = {Anati, Ittai and McKeen, Frank and Gueron, Shay and Huang, Haitao and Johnson, Simon and Leslie-Hurd, Rebekah and Patil, Harish and Rozas, Carlos V. and Shafi, Hisham},
 note = {Tutorial Slides presented at ICSA 2015},
 title = {Intel {{Software Guard Extensions}} ({{Intel SGX}})},
 type = {Tutorial Slides},
 year = {2015}
}

@inproceedings{Shacham2004,
 author = {Hovav Shacham and Matthew Page and Ben Pfaff and Eu{-}Jin Goh and Nagendra Modadugu and Dan Boneh},
 booktitle = {{CCS}},
 title = {On the effectiveness of address-space randomization},
 year = {2004}
}

@inproceedings{Shacham2007,
 author = {Shacham, Hovav},
 booktitle = {CCS},
 title = {{The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86)}},
 year = {2007}
}

@article{Shah2021ARM,
 author = {Agam Shah},
 journal = {The Register},
 title = {{Apple is beginning to undo decades of Intel, x86 dominance in PC market}},
 url = {https://www.theregister.com/2021/11/12/apple_arm_m1_intel_x86_market/},
 year = {2021}
}

@online{Shah2023Riscvcloud,
 author = {Agam Shah},
 title = {China Deploys Massive RISC-V Server in Commercial Cloud},
 url = {https://www.hpcwire.com/2023/11/08/china-deploys-massive-risc-v-server-in-commercial-cloud/},
 year = {2023}
}

@misc{Shaikh2024ChinaBans,
 author = {Shaikh, Roshan Ashraf},
 title = {China blocks Intel and AMD CPUs for government offices and servers, plans to switch to domestic-made alternatives},
 url = {https://www.tomshardware.com/pc-components/cpus/china-bans-intel-and-amd-cpus-for-government-offices-and-servers-plans-to-switch-to-domestic-made-alternatives},
 year = {2024}
}

@article{Shamir1979secretsharing,
 author = {Shamir, Adi},
 journal = {Communications of the ACM},
 title = {How to share a secret},
 year = {1979}
}

@inproceedings{Shankar2001,
 author = {Shankar, Umesh and Talwar, Kunal and Foster, Jeffrey S and Wagner, David},
 booktitle = {{USENIX Security Symposium}},
 title = {{Detecting format string vulnerabilities with type qualifiers.}},
 year = {2001}
}

@misc{Shannon1999Modem,
 author = {Victoria Shannon},
 title = {{The Rise and Fall of the Modem King}},
 url = {https://www.nytimes.com/1999/01/07/news/the-rise-and-fall-of-the-modem-king.html},
 year = {1999}
}

@inproceedings{Shao2013,
 author = {Shao, Yakun Sophia and Brooks, David},
 booktitle = {ISLPED},
 title = {{Energy Characterization and Instruction-Level Energy Model of Intel's Xeon Phi Processor}},
 year = {2013}
}

@inproceedings{Sharif2008impeding,
 author = {Sharif, Monirul I and Lanzi, Andrea and Giffin, Jonathon T and Lee, Wenke},
 booktitle = {NDSS},
 title = {Impeding Malware Analysis Using Conditional Code Obfuscation.},
 year = {2008}
}

@misc{Sharwood2025ChinaBreakthroughs,
 author = {Sharwood, Simon},
 booktitle = {The Register},
 title = {China claims breakthroughs in classical and quantum computers},
 url = {https://www.theregister.com/2025/06/30/china_claims_breakthroughs_in_classical/},
 year = {2025}
}

@misc{Shen2006,
 author = {Gene, W. Shen and Nelson, S. Craig},
 month = {October},
 note = {US Patent 7,117,290 B2},
 publisher = {Google Patents},
 title = {{MicroTLB and micro tag for reducing power in a processor }},
 year = {2006}
}

@inproceedings{Shen2010,
 author = {Shen, Zhidong and Tong, Qiang},
 booktitle = {Proceedings of the 2nd International Conference on Signal Processing Systems (ICSPS'10)},
 pages = {11--15},
 title = {{The Security of Cloud Computing System enabled by Trusted Computing Technology}},
 year = {2010}
}

@book{Shen2013,
 author = {Shen, John Paul and Lipasti, Mikko H},
 publisher = {Waveland Press},
 title = {{Modern processor design: fundamentals of superscalar processors}},
 year = {2013}
}

@inproceedings{Shen2014,
 author = {X. Shen and F. Song and H. Meng and S. An and Z. Zhang},
 booktitle = {{IEEE ICPADS}},
 title = {{RBPP: A row based DRAM page policy for the many-core era}},
 year = {2014}
}

@inproceedings{Shen2018restricting,
 author = {Shen, Zhuojia and Zhou, Jie and Ojha, Divya and Criswell, John},
 booktitle = {CCS},
 title = {Restricting control flow during speculative execution},
 year = {2018}
}

@article{Shen2019restricting,
 author = {Shen, Zhuojia and Zhou, Jie and Ojha, Divya and Criswell, John},
 journal = {arXiv:1903.10651},
 title = {Restricting control flow during speculative execution with venkman},
 year = {2019}
}

@inproceedings{shen2020fast,
 author = {Shen, Zhuojia and Dharsee, Komail and Criswell, John},
 booktitle = {SecDev},
 organization = {IEEE},
 title = {Fast execute-only memory for embedded systems},
 year = {2020}
}

@article{Sherwood2002characterize,
 author = {Sherwood, Timothy and Perelman, Erez and Hamerly, Greg and Calder, Brad},
 journal = {ACM SIGPLAN Notices},
 number = {10},
 title = {Automatically characterizing large scale program behavior},
 volume = {37},
 year = {2002}
}

@inproceedings{Sheth2025protocolllm,
 author = {Sheth, Arnav Miteshkumar and Sheth, Ivaxi and Fritz, Mario},
 booktitle = {Machine Learning for Computer Architecture and Systems},
 title = {ProtocolLLM: RTL Benchmark for SystemVerilog Code Generation of Communication Protocols},
 year = {2025}
}

@inproceedings{Shi2009,
 author = {Shi, Lin and Chen, Hao and Sun, Jianhua},
 booktitle = {Proceedings of the 23rd IEEE International Parallel and Distributed Processing Symposium (IPDPS'09)},
 month = {May},
 publisher = {Ieee},
 title = {{vCUDA: GPU accelerated high performance computing in virtual machines}},
 year = {2009}
}

@inproceedings{shi2011limiting,
 author = {Shi, Jicheng and Song, Xiang and Chen, Haibo and Zang, Binyu},
 booktitle = {DSN-W},
 title = {{Limiting cache-based side-channel in multi-tenant cloud using dynamic page coloring}},
 year = {2011}
}

@inproceedings{shi2011oblivious,
 author = {Shi, Elaine and Chan, T -H Hubert and Stefanov, Emil and Li, Mingfei},
 booktitle = {ASIACRYPT},
 title = {Oblivious RAM with O ((log N) 3) worst-case cost},
 year = {2011}
}

@inproceedings{Shieh2010,
 author = {Shieh, Alan and Kandula, Srikanth and Greenberg, Albert and Kim, Changhoon},
 booktitle = {Proceedings of the 2nd USENIX conference on Hot Topics in Cloud Computing (HotCloud'10)},
 title = {{Seawall: Performance Isolation for Cloud Datacenter Networks}},
 year = {2010}
}

@inproceedings{Shih2017tsgx,
 author = {Shih, Ming-Wei and Lee, Sangho and Kim, Taesoo and Peinado, Marcus},
 booktitle = {NDSS},
 title = {{T-SGX: Eradicating controlled-channel attacks against enclave programs}},
 year = {2017}
}

@inproceedings{Shin2018Prefetch,
 author = {Shin, Youngjoo and Kim, Hyung Chan and Kwon, Dokeun and Jeong, Ji Hoon and Hur, Junbeom},
 booktitle = {CCS},
 title = {{Unveiling Hardware-based Data Prefetcher, a Hidden Source of Information Leakage}},
 year = {2018}
}

@inproceedings{shinde2016preventing,
 author = {Shinde, Shweta and Chua, Zheng Leong and Narayanan, Viswesh and Saxena, Prateek},
 booktitle = {ACM Asia Conference on Computer and Communications Security {(AsiaCCS)}},
 title = {Preventing Page Faults from Telling Your Secrets},
 year = {2016}
}

@inproceedings{Shinde2017Panoply,
 author = {Shinde, Shweta and Le Tien, Dat and Tople, Shruti and Saxena, Prateek},
 booktitle = {NDSS},
 title = {{PANOPLY: Low-TCB Linux Applications With SGX Enclaves}},
 year = {2017}
}

@inproceedings{shoshitaishvili2015firmalice,
 author = {Shoshitaishvili, Yan and Wang, Ruoyu and Hauser, Christophe and Kruegel, Christopher and Vigna, Giovanni},
 booktitle = {NDSS},
 title = {Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware},
 year = {2015}
}

@inproceedings{shoshitaishvili2016state,
 author = {Shoshitaishvili, Yan and Wang, Ruoyu and Salls, Christopher and Stephens, Nick and Polino, Mario and Dutcher, Audrey and Grosen, Jessie and Feng, Siji and Hauser, Christophe and Kruegel, Christopher and Vigna, Giovanni},
 booktitle = {S\&P},
 title = {SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis},
 year = {2016}
}

@inproceedings{Shrestha2016,
 author = {Prakash Shrestha and Manar Mohamed and Nitesh Saxena},
 booktitle = {WiSec'16},
 pages = {67--77},
 publisher = {{ACM}},
 title = {{Slogger: Smashing Motion-based Touchstroke Logging with Transparent System Noise}},
 year = {2016}
}

@inproceedings{Shusterman2019,
 author = {Anatoly Shusterman and Lachlan Kang and Yarden Haskal and Yosef Meltser and Prateek Mittal and Yossi Oren and Yuval Yarom},
 booktitle = {USENIX Security Symposium},
 title = {{Robust Website Fingerprinting Through The Cache Occupancy Channel}},
 year = {2019}
}

@inproceedings{Shusterman2021prime,
 author = {Shusterman, Anatoly and Agarwal, Ayush and O'Connell, Sioli and Genkin, Daniel and Oren, Yossi and Yarom, Yuval},
 booktitle = {USENIX Security Symposium},
 title = {{Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses}},
 year = {2021}
}

@inproceedings{Sianipar2018,
 author = {Sianipar, Johannes and Sukmana, Muhammad and Meinel, Christoph},
 booktitle = {International Conference on Systems Engineering (ICSEng)},
 title = {Moving Sensitive Data Against Live Memory Dumping, Spectre and Meltdown Attacks},
 year = {2018}
}

@inproceedings{Sibert1995,
 author = {Sibert, Olin and Porras, Phillip and Lindell, Robert},
 booktitle = {IEEE Security \& Privacy},
 title = {{The Intel 80x86 Processor Architecture: Pitfalls for Secure Systems}},
 year = {1995}
}

@online{SiFive2019U74Manual,
 author = {{SiFive}},
 title = {{SiFive U74 Core Complex Manual}},
 url = {https://sifive-china.oss-cn-zhangjiakou.aliyuncs.com/Standard%20Core%20IP/u74_core_complex_manual_21G2.pdf},
 year = {2019}
}

@misc{SiFive2021U54Manual,
 author = {{SiFive}},
 url = {https://starfivetech.com/uploads/u54_core_complex_manual_21G1.pdf},
 year = {2021}
}

@misc{SiFive2022Unmatched,
 author = {{SiFive}},
 title = {{HF105 Datasheet}},
 url = {https://sifive.cdn.prismic.io/sifive/d0556df9-55c6-47a8-b0f2-4b1521546543_hifive-unmatched-datasheet.pdf},
 year = {2022}
}

@misc{SiFive2024Unmatched,
 author = {{SiFive}},
 title = {{HF106 Datasheet}},
 url = {https://www.sifive.com/document-file/hifive-premier-p550-datasheet},
 year = {2024}
}

@misc{SiFive_U74,
 author = {{SiFive}},
 title = {U74 Core Complex Manual},
 url = {https://sifive.cdn.prismic.io/sifive/ad5577a0-9a00-45c9-a5d0-424a3d586060_u74_core_complex_manual_21G3.pdf},
 year = {2022}
}

@misc{Signal2017,
 author = {{Moxie Marlinspike}},
 no-url = {https://signal.org/blog/private-contact-discovery/},
 title = {Technology preview: Private contact discovery for Signal},
 year = {2017}
}

@inproceedings{Silva2017DynSGX,
 author = {Silva, Rodolfo and Barbosa, Pedro and Brito, Andrey},
 booktitle = {{Cloud Computing Technology and Science (CloudCom)}},
 title = {{DynSGX: A Privacy Preserving Toolset for Dinamically Loading Functions into Intel (R) SGX Enclaves}},
 year = {2017}
}

@inproceedings{Silver2014Password,
 author = {David Silver and Suman Jana and Dan Boneh and Eric Chen and Collin Jackson},
 booktitle = {{USENIX}},
 title = {Password Managers: Attacks and Defenses},
 year = {2014}
}

@article{Simon2016,
 author = {Simon, Laurent and Xu, Wenduan and Anderson, Ross},
 journal = {Proceedings on Privacy Enhancing Technologies},
 title = {{Don't Interrupt Me While I Type: Inferring Text Entered Through Gesture Typing on Android Keyboards}},
 year = {2016}
}

@inproceedings{simon2018you,
 author = {Simon, Laurent and Chisnall, David and Anderson, Ross},
 booktitle = {EuroS\&P},
 title = {What you get is what you C: Controlling side effects in mainstream C compilers},
 year = {2018}
}

@book{Singh2016macosxinternals,
 author = {Singh, Amit},
 publisher = {{Addison-Wesley}},
 title = {Mac OS X Internals: A Systems Approach: A Systems Approach},
 year = {2016}
}

@inproceedings{Singh2017rootkit,
 author = {Singh, Baljit and Evtyushkin, Dmitry and Elwell, Jesse and Riley, Ryan and Cervesato, Iliano},
 booktitle = {AsiaCCS},
 title = {On the detection of kernel-level rootkits using hardware performance counters},
 year = {2017}
}

@misc{Sipeed2021Wiki,
 author = {Sipeed},
 title = {Sipeed Wiki},
 url = {https://wiki.sipeed.com/en/index.html},
 year = {2021}
}

@misc{Sipeed2022android,
 author = {Sipeed},
 title = {{RISC-V 64bit chip (C910) run Android 10}},
 url = {https://twitter.com/SipeedIO/status/1457529282134089734},
 year = {2022}
}

@online{Sipeed2023LicheeConsole,
 author = {Sipeed},
 title = {{Lichee Console 4A}},
 url = {https://sipeed.com/licheepi4a},
 year = {2023}
}

@inproceedings{sjosten2019latex,
 author = {Sj{\"o}sten, Alexander and Van Acker, Steven and Picazo-Sanchez, Pablo and Sabelfeld, Andrei},
 booktitle = {NDSS},
 title = {{Latex Gloves: Protecting Browser Extensions from Probing and Revelation Attacks.}},
 year = {2019}
}

@misc{sk2022nobinary,
 author = {Anton Shilov},
 title = {{SK Hynix Shows Off 48GB and 96GB DDR5-6400 Memory Modules}},
 url = {https://www.tomshardware.com/news/sk-hynix-shows-off-48gb-and-96gb-ddr5-6400-memory-modules},
 year = {2022}
}

@inproceedings{Skarlatos2019,
 author = {Skarlatos, Dimitrios and Yan, Mengjia and Gopireddy, Bhargava and Sprabery, Read and Torrellas, Josep and Fletcher, Christopher W.},
 booktitle = {ISCA},
 title = {{MicroScope: Enabling Microarchitectural Replay Attacks}},
 year = {2019}
}

@article{skochinsky2014intel,
 author = {Skochinsky, Igor},
 journal = {Code Blue},
 title = {{Intel ME Secrets}},
 year = {2014}
}

@misc{sktime2025timeseriesforest,
 author = {sktime},
 title = {API Reference - TimeSeriesForestClassifier},
 url = {https://www.sktime.net/en/stable/api_reference/auto_generated/sktime.classification.interval_based.TimeSeriesForestClassifier.html},
 year = {2025}
}

@misc{Slashdot2019RetpolinePerformance,
 author = {{Slashdot EditorDavid}},
 title = {{Two Linux Kernels Revert Performance-Killing Spectre Patches}},
 url = {https://linux.slashdot.org/story/18/11/24/2320228/two-linux-kernels-revert-performance-killing-spectre-patches},
 year = {2019}
}

@inproceedings{Slowinska2009,
 author = {Slowinska, Asia and Bos, Herbert},
 booktitle = {EuroSys},
 title = {Pointless tainting?: evaluating the practicality of pointer tainting},
 year = {2009}
}

@misc{smap_windows,
 author = {{Wikiwand: Supervisor Mode Access Prevention}},
 url = {https://www.wikiwand.com/en/Supervisor_Mode_Access_Prevention},
 year = {2019}
}

@article{Smith1982memories,
 author = {Smith, Alan Jay},
 journal = {ACM Computing Surveys},
 month = {September},
 title = {Cache Memories},
 year = {1982}
}

@article{smith1995microarchitecture,
 author = {Smith, James E and Sohi, Gurindar S},
 journal = {IEEE Computer},
 title = {The microarchitecture of superscalar processors},
 year = {1995}
}

@inproceedings{Smowton2009,
 author = {Smowton, Christopher},
 booktitle = {Proceedings of the 2nd European Workshop on System Security (EUROSEC'09)},
 pages = {36--43},
 title = {{Secure 3D graphics for virtual machines}},
 year = {2009}
}

@misc{snapdragon845,
 author = {Qualcomm},
 month = {December},
 title = {Snapdragon 845 Mobile Platform Product Brief},
 url = {https://www.qualcomm.com/documents/snapdragon-845-mobile-platform-product-brief},
 year = {2017}
}

@inproceedings{Snow2013,
 author = {Snow, Kevin Z and Monrose, Fabian and Davi, Lucas and Dmi\-tri\-en\-ko, Alexandra and Liebchen, Christopher and Sadeghi, Ahmad-Reza},
 booktitle = {S\&P},
 title = {{Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization}},
 year = {2013}
}

@inproceedings{Snyder2017,
 author = {Snyder, Peter and Taylor, Cynthia and Kanich, Chris},
 booktitle = {CCS},
 title = {{Most Websites Don’t Need to Vibrate: A Cost-Benefit Approach to Improving Browser Security}},
 year = {2017}
}

@software{Snyder2024Verilator,
 author = {Snyder, Wilson and Wasson, Paul and Galbi, Duane and {et al}},
 license = {["LGPL-3.0-only", "Artistic-2.0"]},
 title = {{Verilator}},
 url = {https://github.com/verilator/verilator}
}

@inproceedings{soares2021memory,
 author = {Soares, Luigi and Pereira, Fernando Magno Quint{\~a}n},
 booktitle = {CGO},
 title = {Memory-safe elimination of side channels},
 year = {2021}
}

@inproceedings{Soeken2018Synthesis,
 author = {Mathias Soeken and
Winston Haaswijk and
Eleonora Testa and
Alan Mishchenko and
Luca Gaetano Amar{\`{u}} and
Robert K. Brayton and
Giovanni De Micheli},
 booktitle = {DATE},
 title = {Practical exact synthesis},
 year = {2018}
}

@inproceedings{Soffa2011Exploiting,
 author = {Soffa, Mary Lou and Walcott, Kristen R. and Mars, Jason},
 journal = {Proceedings of the 33rd International Conference on Software Engineering (ICSE)},
 pages = {888--891},
 title = {Exploiting Hardware Advances for Software Testing and Debugging (NIER Track)},
 url = {http://doi.acm.org/10.1145/1985793.1985935},
 year = {2011}
}

@misc{SolarDesigner1997,
 author = {{Solar Designer}},
 month = {August},
 title = {Getting around non-executable stack (and fix)},
 url = {http://seclists.org/bugtraq/1997/Aug/63},
 year = {1997}
}

@inproceedings{Solt2024Cascade,
 author = {Solt, Flavien and Ceesay-Seitz, Katharina and Razavi, Kaveh},
 booktitle = {USENIX Security},
 title = {Cascade: CPU Fuzzing via Intricate Program Generation},
 year = {2024}
}

@inproceedings{Son2010,
 author = {Son, Sooel and Shmatikov, Vitaly},
 booktitle = {{International Conference on Security and Privacy in Communication Systems}},
 title = {{The hitchhiker’s guide to DNS cache poisoning}},
 year = {2010}
}

@inproceedings{son2017making,
 author = {Son, Mungyu and Park, Hyunsun and Ahn, Junwhan and Yoo, Sungjoo},
 booktitle = {DAC},
 title = {Making DRAM stronger against row hammering},
 year = {2017}
}

@inproceedings{Son2025smack,
 author = {Son, Seonghun and Moghimi, Daniel and Gulmezoglu, Berk},
 booktitle = {ASPLOS},
 title = {SMaCk: Efficient Instruction Cache Attacks via Self-Modifying Code Conflicts},
 year = {2025}
}

@inproceedings{Song2001,
 author = {Song, Dawn Xiaodong and Wagner, David and Tian, Xuqing},
 booktitle = {USENIX Security Symposium},
 title = {{Timing Analysis of Keystrokes and Timing Attacks on SSH}},
 year = {2001}
}

@inproceedings{Song2008,
 author = {Dawn Song and David Brumley and Heng Yin and Juan Caballero and Ivan Jager and Min Gyung Kang and Zhenkai Liang and James Newsome and Pongsin Poosankam and Prateek Saxena},
 booktitle = {International Conference on Information Systems Security},
 title = {{BitBlaze}: A New Approach to Computer Security via Binary Analysis},
 year = {2008}
}

@inproceedings{song2018fine,
 author = {Song, Linhai and Xing, Xinyu},
 booktitle = {SALAD},
 title = {Fine-grained library customization},
 year = {2018}
}

@inproceedings{Song2019dynamic,
 author = {Wei Song and Peng Liu},
 booktitle = {{RAID}},
 title = {{Dynamically Finding Minimal Eviction Sets Can be Quicker Than You Think for Side-Channel Attacks Against the LLC}},
 year = {2019}
}

@book{Sorin2011,
 author = {Sorin, Daniel J. and Hill, Mark D. and Wood, David A.},
 title = {{A Primer on Memory Consistency and Cache Coherence}},
 year = {2011}
}

@inproceedings{Soundararajan2010,
 author = {Soundararajan, Gokul and Prabhakaran, Vijayan and Balakrishnan, Mahesh and Wobber, Ted},
 booktitle = {{USENIX FAST}},
 title = {{Extending SSD Lifetimes with Disk-Based Write Caches.}},
 year = {2010}
}

@misc{SpacemiT2024K1,
 author = {{SpacemiT}},
 title = {{SpacemiT Key Stone K1}},
 url = {https://www.spacemit.com/en/key-stone-k1/},
 year = {2024}
}

@article{sparks2005shadow,
 author = {Sparks, Sherri and Butler, Jamie},
 journal = {Black Hat Japan},
 title = {Shadow walker: Raising the bar for rootkit detection},
 year = {2006}
}

@article{sparks2007security,
 author = {Sparks, Evan R and Sparks, Evan R},
 journal = {Dept. Comput. Sci., Dartmouth College, Hanover, NH, USA, Tech. Rep., TR2007-597},
 title = {{A security assessment of trusted platform modules computer science technical report TR2007-597}},
 year = {2007}
}

@misc{SpecCPU2017,
 author = {Standard Performance Evaluation Corporation},
 title = {{SPEC CPU 2017}},
 url = {https://www.spec.org/cpu2017/},
 year = {2017}
}

@misc{spectreV42018,
 title = {Spectre Variant 4},
 url = {https://bugs.chromium.org/p/project-zero/issues/detail?id=1528},
 year = {2018}
}

@misc{speculativeStoreBypass2018,
 title = {Speculative Store Bypass},
 url = {https://blogs.technet.microsoft.com/srd/2018/05/21/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639/},
 year = {2018}
}

@article{speechminer,
 author = {Xiao, Yuan and Zhang, Yinqian and Teodorescu, Radu},
 journal = {arXiv preprint arXiv:1912.00329},
 title = {SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities},
 year = {2019}
}

@misc{SpeechminerGithub,
 author = {Yuan Xiao and Yinqian Zhang and Radu Teodorescu},
 title = {SpeechMiner},
 url = {https://github.com/teecert/SpeechMiner},
 year = {2020}
}

@misc{Spengler2013,
 author = {Brad Spengler},
 title = {{KASLR: An Exercise in Cargo Cult Security}},
 url = {https://grsecurity.net/kaslr_an_exercise_in_cargo_cult_security.php},
 year = {2013}
}

@misc{SpidermonkeyInlineCaches2017,
 author = {Jan de Mooij},
 title = {{CacheIR: A new approach to Inline Caching in Firefox}},
 url = {https://jandemooij.nl/blog/2017/01/25/cacheir/},
 year = {2017}
}

@misc{SpidermonkeyJit2019,
 author = {Jan de Mooij},
 title = {{The Baseline Interpreter: a faster JS interpreter in Firefox 70}},
 url = {https://hacks.mozilla.org/2019/08/the-baseline-interpreter-a-faster-js-interpreter-in-firefox-70/},
 year = {2019}
}

@article{Spiegel2013,
 day = {29},
 month = {12},
 publisher = {Der Spiegel},
 title = {Inside TAO: Documents Reveal Top NSA Hacking Unit},
 url = {https://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html},
 year = {2013}
}

@misc{SPLASH2X,
 author = {{PARSEC Group}},
 month = {June},
 title = {{A Memo on Exploration of SPLASH-2 Input Sets}},
 url = {http://parsec.cs.princeton.edu},
 year = {2011}
}

@inproceedings{Spreitzer2013COSADE,
 author = {Raphael Spreitzer and Thomas Plos},
 booktitle = {COSADE},
 title = {{Cache-Access Pattern Attack on Disaligned AES T-Tables}},
 year = {2013}
}

@inproceedings{Spreitzer2014PIN,
 author = {Spreitzer, Raphael},
 booktitle = {{Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones \& Mobile Devices}},
 title = {{Pin skimming: Exploiting the ambient-light sensor in mobile devices}},
 year = {2014}
}

@inproceedings{Spreitzer2016fingerprint,
 author = {Spreitzer, Raphael and Griesmayr, Simone and Korak, Thomas and Mangard, Stefan},
 booktitle = {WiSec},
 title = {Exploiting data-usage statistics for website fingerprinting attacks on Android},
 year = {2016}
}

@article{Spreitzer2016sok,
 author = {Spreitzer, Raphael and Moonsamy, Veelasha and Korak, Thomas and Mangard, Stefan},
 journal = {arXiv:1611.03748},
 title = {SoK: Systematic Classification of Side-Channel Attacks on Mobile Devices},
 year = {2016}
}

@article{spreitzer2017sok,
 author = {Spreitzer, Raphael and Moonsamy, Veelasha and Korak, Thomas and Mangard, Stefan},
 journal = {IEEE Communications Surveys \& Tutorials},
 number = {1},
 pages = {465--488},
 title = {Systematic classification of side-channel attacks: a case study for mobile devices},
 volume = {20},
 year = {2017}
}

@article{Spreitzer2017sok,
 author = {Spreitzer, Raphael and Moonsamy, Veelasha and Korak, Thomas and Mangard, Stefan},
 journal = {IEEE Communications Surveys \& Tutorials},
 number = {1},
 pages = {465--488},
 title = {Systematic classification of side-channel attacks: a case study for mobile devices},
 volume = {20},
 year = {2017}
}

@inproceedings{Spreitzer2018procharvester,
 author = {Spreitzer, Raphael and Kirchengast, Felix and Gruss, Daniel and Mangard, Stefan},
 booktitle = {{AsiaCCS}},
 title = {{ProcHarvester: Fully Automated Analysis of Procfs Side-Channel Leaks on Android}},
 year = {2018}
}

@inproceedings{Spreitzer2018scandroid,
 author = {Spreitzer, Raphael and Palfinger, Gerald and Mangard, Stefan},
 booktitle = {{11th ACM Conference on Security and Privacy in Wireless and Mobile Networks}},
 title = {{SCAnDroid: Automated Side-Channel Analysis of Android APIs}},
 year = {2018}
}

@misc{Sprengers2011,
 author = {Sprengers, Martijn},
 howpublished = {Master Thesis, Radboud University Nijmegen},
 title = {{GPU-based Password Cracking}},
 year = {2011}
}

@misc{StackShield2011,
 author = {{Stack Shield}},
 title = {A stack smashing technique protection tool for Linux},
 year = {2011}
}

@misc{Startin2020alias,
 author = {Richard Startin},
 title = {{4k Aliasing}},
 url = {https://richardstartin.github.io/posts/4k-aliasing},
 year = {2020}
}

@misc{Statcounter2023OS,
 author = {StatCounter Global Stats},
 title = {{Operating System Market Share Worldwide}},
 url = {https://gs.statcounter.com/os-market-share/desktop/worldwide},
 year = {2023}
}

@misc{Statcounter2023OSmacversion,
 author = {StatCounter Global Stats},
 title = {{Operating System macOS Version Market Share Worldwide}},
 url = {https://gs.statcounter.com/os-version-market-share/macos/desktop/worldwide},
 year = {2023}
}

@misc{Statcounter2023OSwinversion,
 author = {StatCounter Global Stats},
 title = {{Operating System Windows Version Market Share Worldwide}},
 url = {https://gs.statcounter.com/os-version-market-share/windows/desktop/worldwide},
 year = {2023}
}

@misc{StatcounterAndroid2020,
 author = {StatCounter Global Stats},
 title = {{Mobile {\&} Tablet Android Version Market Share Worldwide}},
 url = {https://gs.statcounter.com/android-version-market-share/mobile-tablet/worldwide},
 year = {2020}
}

@misc{StatcounterBrowser2023,
 author = {StatCounter Global Stats},
 title = {{Desktop Browser Market Share Worldwide}},
 url = {https://gs.statcounter.com/browser-market-share/desktop/worldwide},
 year = {2023}
}

@article{Stecklina2018,
 author = {Stecklina, Julian and Prescher, Thomas},
 journal = {arXiv:1806.07480},
 title = {{LazyFP: Leaking FPU Register State using Microarchitectural Side-Channels}},
 year = {2018}
}

@article{stecklina2018lazyfp,
 author = {Stecklina, Julian and Prescher, Thomas},
 journal = {arXiv preprint arXiv:1806.07480},
 title = {Lazyfp: Leaking fpu register state using microarchitectural side-channels},
 year = {2018}
}

@misc{Stecklina2019Github,
 author = {Julian Stecklina},
 title = {{L1tf Demo}},
 url = {{https://github.com/blitz/l1tf-demo}},
 year = {2019}
}

@misc{Stecklina2019L1TF,
 author = {Stecklina, Julian},
 month = {January},
 title = {{[RFC] x86/speculation: add L1 Terminal Fault / Foreshadow demo}},
 url = {https://lkml.org/lkml/2019/1/21/606},
 year = {2019}
}

@misc{StecklinaL1TFKVM,
 author = {Julian Stecklina},
 title = {{An demonstrator for the L1TF/Foreshadow vulnerability}},
 url = {{https://github.com/blitz/l1tf-demo}},
 year = {2019}
}

@inproceedings{Steensgaard1996points,
 author = {Bjarne Steensgaard},
 booktitle = {POPL},
 title = {Points-to Analysis in Almost Linear Time},
 year = {1996}
}

@inproceedings{Stefan2014,
 author = {Deian Stefan and Edward Z. Yang and Petr Marchenko and Alejandro Russo and Dave Herman and Brad Karp and David Mazi{\`e}res},
 booktitle = {USENIX Symposium on Operating Systems Design and Implementation},
 title = {Protecting Users by Confining JavaScript with COWL},
 year = {2014}
}

@article{stefanov2011towards,
 author = {Stefanov, Emil and Shi, Elaine and Song, Dawn},
 journal = {arXiv preprint arXiv:1106.3652},
 title = {Towards practical oblivious RAM},
 year = {2011}
}

@article{Stefanov2011Towards,
 author = {Stefanov, Emil and Shi, Elaine and Song, Dawn},
 journal = {arXiv preprint},
 title = {Towards practical oblivious RAM},
 year = {2011}
}

@inproceedings{Stefanov2012,
 author = {Stefanov, Emil and {Van Dijk}, Marten and Juels, Ari and Oprea, Alina},
 booktitle = {Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC'12)},
 pages = {229--238},
 title = {{Iris : A Scalable Cloud File System with Efficient Integrity Checks Emil Stefanov}},
 year = {2012}
}

@article{Stefanov2018Path,
 author = {Stefanov, Emil and Dijk, Marten van and Shi, Elaine and Chan, T-H Hubert and Fletcher, Christopher and Ren, Ling and Yu, Xiangyao and Devadas, Srinivas},
 journal = {JACM},
 title = {Path ORAM: an extremely simple oblivious RAM protocol},
 year = {2018}
}

@inproceedings{Steffens2021Blockparty,
 author = {Steffens, Marius and Musch, Marius and Johns, Martin and Stock, Ben},
 booktitle = {{NDSS}},
 title = {{Who's Hosting the Block Party? Studying Third-Party Blockage of CSP and SRI}},
 year = {2021}
}

@misc{Steil2008,
 author = {Steil, Michael},
 title = {{How MOS 6502 Illegal Opcodes really work}},
 url = {https://www.pagetable.com/?p=39},
 year = {2008}
}

@inproceedings{Stephens2016,
 author = {Stephens, Nick and Grosen, John and Salls, Christopher and Dutcher, Andrew and Wang, Ruoyu and Corbetta, Jacopo and Shoshitaishvili, Yan and Kruegel, Christopher and Vigna, Giovanni},
 booktitle = {{NDSS}},
 title = {{Driller: Augmenting Fuzzing Through Selective Symbolic Execution.}},
 year = {2016}
}

@misc{Stetic2024browser,
 author = {Stetic},
 title = {{Browser Statistics}},
 url = {{https://www.stetic.com/market-share/browser/}},
 year = {2024}
}

@article{Stone2013,
 author = {Stone, Paul},
 journal = {Context Information Security (White Paper)},
 title = {{Pixel perfect timing attacks with HTML5}},
 year = {2013}
}

@inproceedings{Strackx2009breaking,
 author = {Strackx, Raoul and Younan, Yves and Philippaerts, Pieter and Piessens, Frank and Lachmund, Sven and Walter, Thomas},
 booktitle = {EuroSys},
 title = {Breaking the memory secrecy assumption},
 year = {2009}
}

@article{Strackx2017heisenberg,
 author = {Strackx, Raoul and Piessens, Frank},
 journal = {arXiv:1712.08519},
 month = {December},
 title = {The Heisenberg Defense: Proactively Defending SGX Enclaves against Page-Table-Based Side-Channel Attacks},
 year = {2017}
}

@inproceedings{Strobel2015,
 author = {Strobel, Daehyun and Bache, Florian and Oswald, David and Schellenberg, Falk and Paar, Christof},
 booktitle = {DATE},
 title = {Scandalee: a side-channel-based disassembler using local electromagnetic emanations},
 year = {2015}
}

@inproceedings{Strobel2015scandalee,
 author = {Strobel, Daehyun and Bache, Florian and Oswald, David and Schellenberg, Falk and Paar, Christof},
 booktitle = {DATE},
 title = {{SCANDALee: A Side-ChANnel-based DisAssembLer using Local Electromagnetic Emanations}},
 year = {2015}
}

@inproceedings{Strupe2020Armshaker,
 author = {Strupe, Fredrik and Kumar, Rakesh},
 booktitle = {HASP},
 title = {{Uncovering hidden instructions in Armv8-A implementations}},
 year = {2020}
}

@misc{STtpmBrief,
 author = {{ST Microelectronics}},
 title = {{ST33TPHF2ESPI Product Brief}},
 url = {https://www.st.com/resource/en/data_brief/st33tphf2espi.pdf},
 year = {2019}
}

@misc{STtpmCCcert,
 author = {{ST Microelectronics}},
 title = {{CC for IT security evaluation: Trusted Platform Module ST33TPHF2E mode TPM2.0}},
 url = {https://www.ssi.gouv.fr/uploads/2018/10/anssi-cible-cc-2018_41en.pdf},
 year = {2019}
}

@article{Su2021Survey,
 author = {Su, Chao and Zeng, Qingkai},
 journal = {Security and Communication Networks},
 title = {Survey of CPU cache-based side-channel attacks: systematic analysis, security models, and countermeasures},
 year = {2021}
}

@misc{suchanek2025zvpcurve,
 author = {Vojtěch Suchánek and Vladimír Sedláček and Marek Sýs},
 howpublished = {Cryptology {ePrint} Archive, Paper 2025/076},
 title = {Decompose and conquer: {ZVP} attacks on {GLV} curves},
 year = {2025}
}

@inproceedings{Sudhakar2007,
 author = {Sudhakar, M and Kamala, Ramachandruni Venkata and Srinivas, MB},
 booktitle = {IFIP International Conference on Very Large Scale Integration},
 title = {A bit-sliced, scalable and unified Montgomery multiplier architecture for RSA and ECC},
 year = {2007}
}

@article{suh2004secure,
 author = {Suh, G Edward and Lee, Jae W and Zhang, David and Devadas, Srinivas},
 journal = {Sigplan},
 title = {Secure program execution via dynamic information flow tracking},
 year = {2004}
}

@inproceedings{Suh2007,
 author = {Suh, G. Edward and Devadas, Srinivas},
 booktitle = {Proceedings of the 44th annual Design Automation Conference},
 month = {June},
 pages = {9--14},
 publisher = {Ieee},
 title = {{Physical Unclonable Functions for Device Authentication and Secret Key Generation}},
 url = {http://www.crossref.org/deleted\_DOI.html},
 year = {2007}
}

@article{Sukwong2011,
 author = {Sukwong, Orathai and Kim, Hyong and Hoe, James},
 journal = {Computer},
 month = {March},
 publisher = {IEEE},
 title = {Commercial Antivirus Software Effectiveness: An Empirical Study},
 year = {2011}
}

@inproceedings{Sullivan2011Retrofitting,
 author = {O’sullivan, P{\'a}draig and Anand, Kapil and Kotha, Aparna and Smithson, Matthew and Barua, Rajeev and Keromytis, Angelos D},
 booktitle = {IFIP},
 title = {{Retrofitting security in COTS software with binary rewriting}},
 year = {2011}
}

@inproceedings{Sullivan2018minefields,
 author = {Sullivan, Dean and Arias, Orlando and Meade, Travis and Jin, Yier},
 booktitle = {NDSS},
 title = {{Microarchitectural Minefields: 4K-aliasing Covert Channel and Multi-tenant Detection in IaaS Clouds}},
 year = {2018}
}

@misc{Sun2019specmem,
 author = {Sun, Ke and Branco, Rodrigo and Hu, Kekai},
 title = {{A New Memory Type Against Speculative Side Channel Attacks}},
 year = {2019}
}

@misc{Suse2018DisableBP,
 author = {{SUSE}},
 title = {{Security update for kernel-firmware}},
 url = {https://www.suse.com/support/update/announcement/2018/suse-su-20180008-1/},
 year = {2018}
}

@inproceedings{Suzaki2011,
 author = {Suzaki, Kuniyasu and Iijima, Kengo and Yagi, Toshiki and Artho, Cyrille},
 booktitle = {EuroSys},
 title = {{Memory Deduplication as a Threat to the Guest OS}},
 year = {2011}
}

@article{swanson2003evaluation,
 author = {Swanson, Steven and McDowell, Luke K and Swift, Michael M and Eggers, Susan J and Levy, Henry M},
 journal = {TOCS},
 title = {An evaluation of speculative instruction execution on simultaneous multithreaded processors},
 year = {2003}
}

@inproceedings{swierzy2024teem,
 author = {Swierzy, Ben and Hoffmann, Melina and Boes, Felix and Betke, Felix and Hein, Lennart and Shevchishin, Maxim and Sohn, Jan-Niklas and Meier, Michael},
 booktitle = {Sicherheit 2024},
 organization = {Gesellschaft f{\"u}r Informatik eV},
 title = {TEEM: A CPU Emulator for Teaching Transient Execution Attacks},
 year = {2024}
}

@misc{Swinnen2017,
 author = {Swinnen, Arne},
 title = {{Authentication bypass on Uber's Single Sign-On via subdomain takeover}},
 url = {https://www.arneswinnen.net/2017/06/authentication-bypass-on-ubers-sso-via-subdomain-takeover/},
 year = {2017}
}

@misc{swTPM,
 author = {{strongSwan}},
 title = {{Trusted Platform Module 2.0 - strongSwan}},
 url = {https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin},
 year = {2019}
}

@misc{Sylvain2015,
 author = {Sylvain, Nicolas},
 month = {October},
 title = {{A new approach to browser security: the Google Chrome Sandbox}},
 url = {https://blog.chromium.org/2008/10/new-approach-to-browser-security-google.html},
 year = {2008}
}

@article{Szefer2016,
 author = {Jakub Szefer},
 journal = {Cryptology ePrint Archive, Report 2016/479},
 title = {{Survey of Microarchitectural Side and Covert Channels, Attacks, and Defenses}},
 year = {2016}
}

@article{Szefer2019survey,
 author = {Szefer, Jakub},
 journal = {Journal of Hardware and Systems Security},
 number = {3},
 pages = {219--234},
 publisher = {Springer},
 title = {Survey of microarchitectural side and covert channels, attacks, and defenses},
 volume = {3},
 year = {2019}
}

@inproceedings{Szekeres2013sok,
 author = {Szekeres, Laszlo and Payer, Mathias and Wei, Tao and Song, Dawn},
 booktitle = {S\&P},
 title = {{SoK: Eternal War in Memory}},
 year = {2013}
}

@inproceedings{Takahashi2013,
 author = {Takahashi, Junko and Fukunaga, Toshinori and Aoki, Kazumaro and Fuji, Hitoshi},
 booktitle = {ACISP},
 title = {Highly accurate key extraction method for access-driven cache attacks using correlation coefficient},
 year = {2013}
}

@article{takahashi2018new,
 author = {Takahashi, Akira and Tibouchi, Mehdi and Abe, Masayuki},
 doi = {10.13154/tches.v2018.i3.331-371},
 journal = {IACR Transactions on Cryptographic Hardware and Embedded Systems},
 month = {Aug.},
 number = {3},
 pages = {331-371},
 title = {New Bleichenbacher Records: Fault Attacks on qDSA Signatures},
 url = {https://tches.iacr.org/index.php/TCHES/article/view/7278},
 volume = {2018},
 year = {2018}
}

@book{Takanen2018fuzzing,
 author = {Takanen, Ari and Demott, Jared D and Miller, Charles and Kettunen, Atte},
 publisher = {Artech House},
 title = {Fuzzing for software security testing and quality assurance},
 year = {2018}
}

@inproceedings{Takei2015,
 author = {Takei, Naoki and Saito, Takamichi and Takasu, Ko and Yamada, Tomotaka},
 booktitle = {International Conference on Broad-Band Wireless Computing, Communication and Applications, {BWCCA}},
 title = {Web Browser Fingerprinting Using Only Cascading Style Sheets},
 year = {2015}
}

@misc{Tallis2018,
 author = {Tallis, Billy},
 month = {March},
 title = {Best SSDs: Q2 2018},
 url = {https://www.anandtech.com/show/9799/best-ssds},
 year = {2018}
}

@inproceedings{tan2020phantomcache,
 author = {Tan, Qinhan and Zeng, Zhihua and Bu, Kai and Ren, Kui},
 booktitle = {NDSS},
 title = {{PhantomCache: Obfuscating Cache Conflicts with Localized Randomization}},
 year = {2020}
}

@inproceedings{Tan2020Phantomcache,
 author = {Tan, Qinhan and Zeng, Zhihua and Bu, Kai and Ren, Kui},
 booktitle = {NDSS},
 title = {{PhantomCache: Obfuscating Cache Conflicts with Localized Randomization}},
 year = {2020}
}

@inproceedings{Tang2015,
 author = {Tang, Adrian and Sethumadhavan, Simha and Stolfo, Salvatore},
 booktitle = {CCS},
 title = {Heisenbyte: Thwarting memory disclosure attacks using destructive code reads},
 year = {2015}
}

@inproceedings{Tang2017,
 author = {Adrian Tang and Simha Sethumadhavan and Salvatore Stolfo},
 booktitle = {USENIX Security Symposium},
 title = {{CLK\-SCREW}: Exposing the Perils of Security-Oblivious Energy Management},
 year = {2017}
}

@inproceedings{Tang2019,
 author = {Tang, Churan and Liu, Zongbin and Ma, Cunqing and Ge, Jingquan and Tu, Chenyang},
 booktitle = {International Conference on Information and Communications Security},
 title = {{SecFlush: A Hardware/Software Collaborative Design for Real-Time Detection and Defense Against Flush-Based Cache Attacks}},
 year = {2019}
}

@article{Tankard2011advanced,
 author = {Tankard, Colin},
 journal = {Network security},
 number = {8},
 pages = {16--19},
 publisher = {Elsevier},
 title = {{Advanced persistent threats and how to monitor and deter them}},
 volume = {2011},
 year = {2011}
}

@inproceedings{Tannous2008,
 author = {Albert Tannous and Jonathan T. Trostle and Mohamed Hassan and Stephen E. McLaughlin and Trent Jaeger},
 booktitle = {ACSAC},
 pages = {45--54},
 title = {{New Side Channels Targeted at Passwords}},
 year = {2008}
}

@inproceedings{Taram2019,
 author = {Taram, Mohammadkazem and Venkat, Ashish and Tullsen, DM},
 booktitle = {ASPLOS},
 title = {Con\-text-sensitive fencing: Securing speculative execution via microcode customization},
 year = {2019}
}

@inproceedings{Taram2019context,
 author = {Mohammadkazem Taram and Dean Tullsen and Ashish Venkat and Hossein Sayadi and Han Wang and Sai Manoj PD and Houman Homayoun},
 booktitle = {{GOMACTECH}},
 title = {{Fast and Efficient Deployment of Security Defenses via Context Sensitive Decoding}},
 year = {2019}
}

@inproceedings{Taram2022SecSMT,
 author = {Mohammadkazem Taram and Xida Ren and Ashish Venkat and Dean Tullsen},
 booktitle = {USENIX Security},
 title = {{SecSMT}: Securing {SMT} Processors against {Contention-Based} Covert Channels},
 year = {2022}
}

@article{tarjan1972depth,
 author = {Tarjan, Robert},
 journal = {SIAM journal on computing},
 month = {June},
 title = {Depth-first search and linear graph algorithms},
 year = {1972}
}

@inproceedings{Tatar2018,
 author = {Tatar, Andrei and Krishnan, Radhesh and Athanasopoulos, Elias and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
 booktitle = {{USENIX} {ATC}},
 title = {Throwhammer: {Rowhammer} {Attacks} over the {Network} and {Defenses}},
 year = {2018}
}

@inproceedings{Tatar2018defeating,
 author = {Tatar, Andrei and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
 booktitle = {RAID},
 title = {{Defeating software mitigations against rowhammer: a surgical precision hammer}},
 year = {2018}
}

@inproceedings{tatar2022tlb,
 author = {Tatar, Andrei and Trujillo, Dani{\"e}l and Giuffrida, Cristiano and Bos, Herbert},
 booktitle = {USENIX},
 title = {{TLB; DR}: Enhancing {TLB}-based Attacks with {TLB} Desynchronized Reverse Engineering},
 year = {2022}
}

@inproceedings{Tatar2022TLBDR,
 author = {Andrei Tatar and Daniël Trujillo and Cristiano Giuffrida and Herbert Bos},
 booktitle = {USENIX Security Symposium},
 title = {{TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering}},
 year = {2022}
}

@inproceedings{taylor1990tlb,
 author = {Taylor, George and Davies, Peter and Farmwald, Michael},
 booktitle = {ISCA},
 title = {The TLB slice—a low-cost high-speed address translation mechanism},
 year = {1990}
}

@article{tcg2005client,
 author = {TCG, PC},
 journal = {Trusted Computing Group},
 title = {{Client Specific-TPM Interface Specification (TIS) Version 1.2}},
 year = {2005}
}

@article{tcgCRB,
 author = {TCG, PC},
 journal = {Trusted Computing Group},
 title = {{TPM 2.0 Mobile Command Response Buffer Interface}},
 year = {2014}
}

@misc{TCGPP,
 author = {{Trusted Computing Group}},
 title = {{Protection Profile PC Client Specific TPM}},
 url = {https://trustedcomputinggroup.org/wp-content/uploads/TCG_PP_PCClient_Specific_TPM2.0_v1.1_r1.38.pdf},
 year = {2019}
}

@misc{Tempest1972,
 author = {National Security Agency},
 no-url = {https://www.nsa.gov/Portals/70/documents/news-features/declassified-documents/cryptologic-spectrum/tempest.pdf},
 title = {{TEMPEST: A Signal Problem}},
 year = {1972}
}

@misc{TencentSpectreV1,
 author = {Tencent-Xuanwu-Lab},
 title = {{check.js - Spectre Check}},
 url = {https://xlab.tencent.com/special/spectre/js/check.js},
 year = {2018}
}

@inproceedings{Teofilo2013Computing,
 author = {Te{\'o}filo, Lu{\'\i}s Filipe and Reis, Lu{\'\i}s Paulo and Cardoso, Henrique Lopes},
 booktitle = {CISTI},
 title = {Computing card probabilities in Texas Hold'em},
 year = {2013}
}

@inproceedings{Teran2016,
 author = {Teran, Elvira and Wang, Zhe and Jim{\'e}nez, Daniel A},
 booktitle = {Microarchitecture (MICRO), 2016 49th Annual IEEE/ACM International Symposium on},
 organization = {IEEE},
 pages = {1--12},
 title = {Perceptron learning for reuse prediction},
 year = {2016}
}

@misc{terjanq2023xssearch,
 author = {{terjanq}},
 title = {{exploit.js - CTF Challenge Solution using CSS-based XS-Search Attack}},
 url = {https://gist.github.com/terjanq/33bbb8828839994c848c3b76c1ac67b1},
 year = {2023}
}

@misc{terry2000method,
 author = {Terry, Philip Frank},
 month = {May},
 note = {US Patent 6,061,356},
 publisher = {Google Patents},
 title = {Method and apparatus for switching routable frames between disparate media},
 year = {2000}
}

@misc{THead2021C906Datasheet,
 author = {{T-Head}},
 title = {{T-Head XuanTie C906 Manual}},
 url = {https://github.com/T-head-Semi/openc906/blob/main/doc/openc906%20datasheet.pdf},
 year = {2021}
}

@misc{THead2021OpenC906C906,
 author = {{T-Head}},
 title = {{openC906}},
 url = {https://github.com/T-head-Semi/openc906},
 year = {2021}
}

@misc{THead2021OpenC910,
 author = {{T-Head}},
 title = {{openC910}},
 url = {https://github.com/T-head-Semi/openc910},
 year = {2021}
}

@misc{THead2022C906,
 author = {{T-Head}},
 title = {{C906}},
 url = {https://www.t-head.cn/product/c906},
 year = {2022}
}

@misc{Thead2022Customvector,
 author = {T-Head},
 title = {XTheadVector},
 url = {https://github.com/XUANTIE-RV/thead-extension-spec/blob/master/xtheadvector/intrinsics.adoc},
 year = {2022}
}

@misc{THead2022Extension,
 author = {{T-Head}},
 title = {{T-Head Extension Spec}},
 url = {https://github.com/T-head-Semi/thead-extension-spec},
 year = {2022}
}

@misc{THead2024stat,
 author = {{Kelly Le}},
 note = {Retrieved 2024-09-10},
 title = {{Alibaba's Damo Academy plans to launch latest version of its XuanTie RISC-V processor this year}},
 url = {https://www.scmp.com/tech/big-tech/article/3255830/alibabas-damo-academy-plans-launch-latest-version-its-xuantie-risc-v-processor-year},
 year = {2024}
}

@misc{theexpresswire2023gamingperipheralmarket,
 author = {The Express Wire},
 title = {{Gaming Peripherals Market Size 2023 Global Gross Margin Analysis}},
 url = {https://www.theexpresswire.com/pressrelease/Gaming-Peripherals-Market-Size-2023-Global-Gross-Margin-Analysis-Industry-Leading-Players-Update-Development-History-Business-Prospect-Research-Report-2030_21832752},
 year = {2023}
}

@inproceedings{Theodorides2017breaking,
 author = {Theodorides, Michael and Wagner, David},
 booktitle = {Hardware Oriented Security and Trust (HOST)},
 title = {Breaking active-set backward-edge CFI},
 year = {2017}
}

@inproceedings{thomas2023hammulator,
 author = {Thomas, Fabian and Gerlach, Lukas and Schwarz, Michael},
 booktitle = {DRAMSec},
 title = {{Hammulator: Simulate Now -- Exploit Later}},
 year = {2023}
}

@misc{Thomas2024Ghostwriteweb,
 author = {Fabian Thomas and Lorenz Hetterich and Ruiyi Zhang and Daniel Weber and Lukas Gerlach and Michael Schwarz},
 title = {{GhostWrite Attack}},
 url = {https://ghostwriteattack.com/},
 year = {2024}
}

@book{Thomas2024Launchpad,
 author = {{Lottie Thomas}},
 publisher = {{Focusrite Audio Engineering LTD}},
 title = {Launchpad MK2 Programmer's Reference Manual v1.03},
 year = {2024}
}

@misc{Thomas2024RISCVuzz,
 author = {Thomas, Fabian and Hetterich, Lorenz and Zhang, Ruiyi and Weber, Daniel and Gerlach, Lukas and Schwarz, Michael},
 howpublished = {\url{https://ghostwriteattack.com/}},
 title = {{RISCVuzz}: Discovering Architectural {CPU} Vulnerabilities via Differential Hardware Fuzzing},
 year = {2024}
}

@inproceedings{Thomas2025Exfilstate,
 author = {Fabian Thomas and Michael Torres and Daniel Moghimi and Michael Schwarz},
 booktitle = {CCS},
 title = {{ExfilState: Automated Discovery of Timer-Free Cache Side Channels on ARM CPUs}},
 year = {2025}
}

@inproceedings{Thomas2025Ghostwrite,
 author = {Fabian Thomas and Eric Garc{\'i}a Arribas and Lorenz Hetterich and Daniel Weber and Lukas Gerlach and Ruiyi Zhang and Michael Schwarz},
 booktitle = {CCS},
 title = {{RISCover: Automatic Discovery of User-exploitable Architectural Security Vulnerabilities in Closed-Source RISC-V CPUs}},
 year = {2025}
}

@inproceedings{Thomas2025RISCover,
 author = {Fabian Thomas and Eric Garc{\'i}a Arribas and Lorenz Hetterich and Daniel Weber and Lukas Gerlach and Ruiyi Zhang and Michael Schwarz},
 booktitle = {CCS},
 title = {{RISCover: Automatic Discovery of User-exploitable Architectural Security Vulnerabilities in Closed-Source RISC-V CPUs}},
 year = {2025}
}

@misc{Thomas2025RiscoverAnon,
 author = {Anonymized (Under submission)},
 title = {{Anonymized for Double Blind Submission}},
 year = {2025}
}

@article{Thompson1984,
 author = {Thompson, Ken},
 journal = {Communications of the ACM},
 number = {8},
 title = {{Reflections on Trusting Trust}},
 volume = {27},
 year = {1984}
}

@inproceedings{Tian2015defending,
 author = {Tian, Dave Jing and Bates, Adam and Butler, Kevin},
 booktitle = {{ACSAC}},
 title = {Defending against malicious USB firmware with GoodUSB},
 year = {2015}
}

@inproceedings{Tian2016Making,
 author = {Tian, Dave Jing and Scaife, Nolen and Bates, Adam and Butler, Kevin and Traynor, Patrick},
 booktitle = {{USENIX}},
 title = {{Making USB great again with USBFILTER}},
 year = {2016}
}

@inproceedings{Tian2018sok,
 author = {Tian, Jing and Scaife, Nolen and Kumar, Deepak and Bailey, Michael and Bates, Adam and Butler, Kevin},
 booktitle = {S\&P},
 title = {SoK:" Plug \& Pray" today--understanding USB insecurity in versions 1 through C},
 year = {2018}
}

@inproceedings{Tice2014ForwardCFI,
 author = {Tice, Caroline and Roeder, Tom and Collingbourne, Peter and Checkoway, Stephen and Erlingsson, \'{U}lfar and Lozano, Luis and Pike, Geoff},
 booktitle = {USENIX Security},
 title = {{Enforcing Forward-Edge Control-Flow Integrity in GCC \& LLVM}},
 year = {2014}
}

@misc{Timer19,
 url = {https://bugs.chromium.org/p/chromium/issues/detail?id=821270},
 year = {2019}
}

@inproceedings{Tiri2007,
 author = {Tiri, Kris and Ac\i{}i\c{c}mez, Onur and Neve, Michael and Andersen, Flemming},
 booktitle = {Proceedings of the 14th International Workshop on Fast Software Encryption},
 pages = {399--413},
 title = {{An analytical model for time-driven cache attacks}},
 year = {2007}
}

@inproceedings{Tischer2016USB,
 author = {Tischer, Matthew and Durumeric, Zakir and Foster, Sam and Duan, Sunny and Mori, Alec and Bursztein, Elie and Bailey, Michael},
 booktitle = {S\&P},
 title = {Users Really Do Plug in USB Drives They Find},
 year = {2016}
}

@misc{Titzer2019Amplification,
 author = {Ben Titzer},
 title = {What Spectre means for Language Implementers},
 url = {https://pliss2019.github.io/ben_titzer_spectre_slides.pdf},
 year = {2019}
}

@article{Tiwari1994,
 author = {Tiwari, Vivek and Malik, Sharad and Wolfe, Andrew},
 journal = {IEEE Transactions on Very Large Scale Integration (VLSI) Systems},
 title = {{Power Analysis of Embedded Software: A First Step towards Software Power Minimization}},
 year = {1994}
}

@inproceedings{Tiwari2018,
 author = {Tiwari, Trishita and Trachtenberg, Ari},
 booktitle = {{ACM SIGSAC Conference on Computer and Communications Security}},
 title = {{POSTER: Cashing in on the File-System Cache}},
 year = {2018}
}

@misc{Tizen2014,
 author = {Tizen},
 title = {{Security:Seccomp}},
 url = {https://wiki.tizen.org/Security:Seccomp},
 year = {2018}
}

@misc{Tkachenko2018,
 author = {Tkachenko, Vadim},
 month = {January},
 title = {{20-30\% Performance Hit from the Spectre Bug Fix on Ubuntu}},
 url = {https://www.percona.com/blog/2018/01/23/20-30-performance-hit-spectre-bug-fix-ubuntu/},
 year = {2018}
}

@inproceedings{Tobah2022SpecHammer,
 author = {Tobah, Youssef and Kwong, Andrew and Kang, Ingab and Genkin, Daniel and Shin, Kang G.},
 booktitle = {S\&P},
 keyword = {Privacy;Costs;Codes;Linux;Performance gain;Security;Kernel},
 number = {},
 title = {SpecHammer: Combining Spectre and Rowhammer for New Speculative Attacks},
 volume = {},
 year = {2022}
}

@misc{Tokyo2021ridecore,
 author = {{Arch Lab. in Tokyo Institute of Technology}},
 title = {ridecore},
 url = {https://github.com/ridecore/ridecore},
 year = {2024}
}

@article{Tol2020FastSpec,
 author = {Tol, M Caner and Yurtseven, Koray and Gulmezoglu, Berk and Sunar, Berk},
 journal = {arXiv:2006.14147},
 title = {FastSpec: Scalable Generation and Detection of Spectre Gadgets Using Neural Embeddings},
 year = {2020}
}

@article{tol2025mu,
 author = {Tol, M Caner and Derya, Kemal and Sunar, Berk},
 journal = {arXiv preprint arXiv:2502.14307},
 title = {{$\mu$RL: Discovering Transient Execution Vulnerabilities Using Reinforcement Learning}},
 year = {2025}
}

@misc{toll2006method,
 author = {Toll, Bret L and Miller, John Alan and Fetterman, Michael A},
 month = {September~5},
 note = {US Patent 7,103,751},
 publisher = {Google Patents},
 title = {Method and apparatus for representation of an address in canonical form},
 year = {2006}
}

@article{Tomasulo1967,
 author = {Tomasulo, Robert M},
 journal = {IBM Journal of research and Development},
 number = {1},
 pages = {25--33},
 publisher = {IBM},
 title = {{An efficient algorithm for exploiting multiple arithmetic units}},
 volume = {11},
 year = {1967}
}

@inproceedings{tomescu2019transparency,
 author = {Tomescu, Alin and Bhupatiraju, Vivek and Papadopoulos, Dimitrios and Papamanthou, Charalampos and Triandopoulos, Nikos and Devadas, Srinivas},
 booktitle = {Proceedings of the ACM SIGSAC Conference on Computer and Communications Security},
 title = {Transparency logs via append-only authenticated dictionaries},
 year = {2019}
}

@online{tor_browser_arch,
 author = {Mike Perry and Erinn Clark and Steven Murdoch and Georg Koppen},
 day = {15},
 month = {05},
 title = {The Design and Implementation of the Tor Browser},
 url = {https://www.torproject.org/projects/torbrowser/design/},
 urldate = {2018-06-06},
 year = {2018}
}

@misc{TorBug2015,
 author = {{Mike Perry}},
 title = {{Bug 1517: Reduce precision of time for Javascript.}},
 url = {https://gitweb.torproject.org/user/mikeperry/tor-browser.git/commit/?h=bug1517},
 year = {2015}
}

@article{Toreini2019domtegrity,
 author = {Toreini, Ehsan and Shahandashti, Siamak F and Mehrnezhad, Maryam and Hao, Feng},
 journal = {International Journal of Information Security},
 number = {6},
 title = {DOMtegrity: ensuring web page integrity against malicious browser extensions},
 volume = {18},
 year = {2019}
}

@misc{Torproject2019design,
 author = {The Tor Project},
 title = {{The Design and Implementation of the Tor Browser}},
 url = {{https://2019.www.torproject.org/projects/torbrowser/design/}},
 year = {2019}
}

@misc{Torproject2023letterboxing,
 author = {The Tor Project},
 title = {{Letterboxing}},
 url = {{https://support.torproject.org/tbb/maximized-torbrowser-window/}},
 year = {2023}
}

@inproceedings{Torres2015fpblock,
 author = {Torres, Christof Ferreira and Jonker, Hugo and Mauw, Sjouke},
 booktitle = {{ESORICS}},
 title = {{FP-block: Usable web privacy by controlling browser fingerprinting}},
 year = {2015}
}

@inproceedings{torres2019toto,
 author = {Torres-Arias, Santiago and Afzali, Hammad and Kuppusamy, Trishank Karthik and Curtmola, Reza and Cappos, Justin},
 booktitle = {{USENIX} Security Symposium},
 title = {in-toto: Providing farm-to-table guarantees for bits and bytes},
 year = {2019}
}

@article{torrey2014more,
 author = {Torrey, Jacob},
 journal = {Blackhat USA},
 title = {More shadow walker: Tlb-splitting on modern x86},
 year = {2014}
}

@misc{Torvalds2018stibp,
 author = {Torvalds, Linus},
 month = {November},
 title = {{STIBP by default..Revert?}},
 url = {http://lkml.iu.edu/hypermail/linux/kernel/1811.2/01328.html},
 year = {2018}
}

@misc{tpm2LibSpec,
 author = {{Trusted Computing Group}},
 title = {{TPM 2.0 Library Specification}},
 url = {https://trustedcomputinggroup.org/resource/tpm-library-specification/},
 year = {2019}
}

@inproceedings{Trampert2022Browserbased,
 author = {Leon Trampert and Christian Rossow and Michael Schwarz},
 booktitle = {ESORICS},
 title = {{Browser-based CPU Fingerprinting}},
 year = {2022}
}

@inproceedings{trampert2023honey,
 author = {Leon Trampert and Ben Stock and Sebastian Roth},
 booktitle = {{RAID}},
 title = {{Honey, I Cached our Security Tokens - Re-usage of Security Tokens in the Wild}},
 year = {2023}
}

@article{Trampert2024cascading,
 author = {Anonymized (Under submission)},
 title = {{Paper under Embargo}},
 year = {2024}
}

@inproceedings{Trampert2025CSSprint,
 author = {Leon Trampert and Daniel Weber and Lukas Gerlach and Christian Rossow and Michael Schwarz},
 booktitle = {NDSS},
 title = {{Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting}},
 year = {2025}
}

@inproceedings{Trampert2025Hidden,
 author = {Leon Trampert and Michael Schwarz},
 booktitle = {uASC},
 title = {{Hidden in Plain Sight: Scriptless Microarchitectural Attacks via TrueType Font Hinting}},
 year = {2025}
}

@inproceedings{Trampert2025Peripheral,
 author = {Leon Trampert and Lorenz Hetterich and Lukas Gerlach and Mona Schappert and Christian Rossow and Michael Schwarz},
 booktitle = {WWW},
 title = {{Peripheral Instinct: How External Devices Breach Browser Sandboxes}},
 year = {2025}
}

@inproceedings{Trampert2025Styled,
 author = {Leon Trampert and Daniel Weber and Christian Rossow and Michael Schwarz},
 booktitle = {{CCS}},
 title = {Styled to Steal: The Overlooked Attack Surface in Email Clients},
 year = {2025}
}

@misc{TransientfailGithub,
 author = {IAIK},
 title = {{Transient Fail (GitHub)}},
 url = {https://github.com/IAIK/transientfail},
 year = {2020}
}

@misc{travis2020icelake-zstore,
 organization = {Travis Downs},
 title = {{Ice Lake Store Elimination}},
 url = {https://travisdowns.github.io/blog/2020/05/18/icelake-zero-opt.html},
 year = {2020}
}

@misc{travis2020zstore,
 organization = {Travis Downs},
 title = {{Hardware Store Elimination}},
 url = {https://travisdowns.github.io/blog/2020/05/13/intel-zero-opt.html},
 year = {2020}
}

@misc{travis2021zstore-disable,
 organization = {Travis Downs},
 title = {{Your CPU May Have Slowed Down on Wednesday}},
 url = {https://travisdowns.github.io/blog/2021/06/17/rip-zero-opt.html},
 year = {2021}
}

@misc{travis2023zstore,
 organization = {Travis Downs},
 title = {{Hardware Store Elimination}},
 url = {https://travisdowns.github.io/blog/2020/05/13/intel-zero-opt.html},
 year = {2020}
}

@misc{travis2023zstore-icelake,
 organization = {Travis Downs},
 title = {{Ice Lake Store Elimination}},
 url = {https://travisdowns.github.io/blog/2020/05/18/icelake-zero-opt.html},
 year = {2020}
}

@misc{TresorSGX,
 author = {Lars Lühr},
 publisher = {{Github}},
 title = {{TresorSGX}},
 url = {https://github.com/ayeks/TresorSGX},
 year = {2016}
}

@inproceedings{trickel2019everyone,
 author = {Trickel, Erik and Starov, Oleksii and Kapravelos, Alexandros and Nikiforakis, Nick and Doup{\'e}, Adam},
 booktitle = {USENIX Security},
 title = {{Everyone is different: Client-side diversification for defending against extension fingerprinting}},
 year = {2019}
}

@inproceedings{Trilla2018,
 author = {Trilla, David and Hernandez, Carles and Abella, Jaume and Cazorla, Francisco J.},
 booktitle = {DAC},
 title = {{Cache Side-channel Attacks and Time-predictability in High-performance Critical Real-time Systems}},
 year = {2018}
}

@inproceedings{Trippel2018CheckMate,
 author = {Caroline Trippel and Daniel Lustig and Margaret Martonosi},
 booktitle = {{MICRO}},
 title = {{CheckMate: Automated Synthesis of Hardware Exploits and Security Litmus Tests}},
 year = {2018}
}

@article{Trippel2018MeltdownPrime,
 author = {Trippel, Caroline and Lustig, Daniel and Martonosi, Margaret},
 journal = {arXiv:1802.\-03802},
 title = {{MeltdownPrime and SpectrePrime: Automatically-Synthesized Attacks Exploiting Invalidation-Based Coherence Protocols}},
 year = {2018}
}

@article{Trippel2021Fuzzing,
 author = {Trippel, Timothy and Shin, Kang G. and Chernyakhovsky, Alex and Kelly, Garret and Rizzo, Dominic and Hicks, Matthew},
 journal = {arXiv:2102.02308},
 title = {Fuzzing Hardware Like Software},
 year = {2021}
}

@article{Tromer2010,
 author = {Tromer, Eran and Osvik, Dag Arne and Shamir, Adi},
 journal = {Journal of Cryptology},
 month = {July},
 number = {1},
 pages = {37--71},
 title = {{Efficient Cache Attacks on AES, and Countermeasures}},
 volume = {23},
 year = {2010}
}

@inproceedings{trujillo2023inception,
 author = {Trujillo, Dani{\"e}l and Wikner, Johannes and Razavi, Kaveh},
 booktitle = {{USENIX Security}},
 title = {Inception: Exposing new attack surfaces with training in transient execution},
 year = {2023}
}

@inproceedings{tsai2014cooperation,
 author = {Tsai, Chia-Che and Arora, Kumar Saurabh and Bandi, Nehal and Jain, Bhushan and Jannen, William and John, Jitin and Kalodner, Harry A and Kulkarni, Vrushali and Oliveira, Daniela and Porter, Donald E},
 booktitle = {Proceedings of the Ninth European Conference on Computer Systems},
 pages = {1--14},
 title = {Cooperation and security isolation of library OSes for multi-process applications},
 year = {2014}
}

@inproceedings{tsai2017graphene,
 author = {Tsai, Chia-Che and Porter, Donald E and Vij, Mona},
 booktitle = {{USENIX ATC}},
 title = {{Graphene-SGX}: A practical library {OS} for unmodified applications on {SGX}},
 year = {2017}
}

@inproceedings{Tsunoo2003,
 author = {Tsunoo, Yukiyasu and Saito, Teruo and Suzaki, Tomoyasu},
 booktitle = {{CHES}},
 title = {{Cryptanalysis of DES implemented on computers with cache}},
 year = {2003}
}

@misc{TUF2025Spec,
 author = {Justin Cappos and Trishank Karthik Kuppusamy and Joshua Lock and Marina Moore and Lukas P\"uhringer },
 title = {{The Update Framework Specification v1.0.33}},
 url = {{https://theupdateframework.github.io/specification/v1.0.33/}},
 year = {2025}
}

@inproceedings{Tunstall2011,
 author = {Tunstall, Michael and Mukhopadhyay, Debdeep and Ali, Subidh},
 booktitle = {{International Workshop on Information Security Theory and Practices}},
 title = {{Differential Fault Analysis of the Advanced Encryption Standard Using a Single Fault}},
 year = {2011}
}

@misc{Turner2018retpoline,
 author = {Turner, Paul},
 title = {{Retpoline: a software construct for preventing branch-target-injection}},
 url = {https://support.google.com/faqs/answer/7625886},
 year = {2018}
}

@misc{Turner2025Autohinting,
 author = {David Turner},
 title = {{The FreeType Auto-Hinter}},
 url = {https://freetype.org/autohinting/hinter.html},
 year = {2025}
}

@misc{Turner2025Interp,
 author = {David Turner and Robert Wilhelm and Werner Lemberg},
 title = {TrueType bytecode interpreter - Version 2.13.3},
 url = {https://gitlab.freedesktop.org/freetype/freetype/-/blob/VER-2-13-3/src/truetype/ttinterp.c},
 year = {2025}
}

@inproceedings{Tychalas2017,
 author = {Tychalas, Dimitrios and Tsoutsos, Nektarios Georgios and Maniatakos, Michail},
 booktitle = {{22nd Asia and South Pacific Design Automation Conference (ASP-DAC)}},
 title = {{Sgxcrypter: Ip protection for portable executables using intel's sgx technology}},
 year = {2017}
}

@misc{ubikeyvuln,
 author = {{Yubico}},
 title = {{Security Advisory 2019-06-13 – Reduced initial randomness on FIPS keys}},
 url = {https://www.yubico.com/support/security-advisories/ysa-2019-02/},
 year = {2019}
}

@misc{uBlock,
 author = {{Raymond Hill}},
 month = {July},
 title = {{uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.}},
 url = {https://github.com/gorhill/uBlock},
 year = {2017}
}

@misc{ubuntu_kvm_l1tf,
 author = {{L1TF mitigations Ubuntu}},
 url = {https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/L1TF},
 year = {2019}
}

@misc{UbuntuKVM2019,
 author = {{Ubuntu Security Team}},
 title = {{L1 Terminal Fault (L1TF)}},
 url = {https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/L1TF},
 year = {2019}
}

@inproceedings{Uhsadel2008,
 author = {Uhsadel, Leif and Georges, Andy and Verbauwhede, Ingrid},
 booktitle = {5th Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC'08).},
 title = {Exploiting hardware performance counters},
 year = {2008}
}

@inproceedings{ulrich2011investigating,
 author = {Ulrich, Alexander and Holz, Ralph and Hauck, Peter and Carle, Georg},
 booktitle = {European Symposium on Research in Computer Security},
 organization = {Springer},
 title = {Investigating the {OpenPGP} web of trust},
 year = {2011}
}

@article{Umans2001DNF,
 author = {Christopher Umans},
 journal = {Journal of Computer and System Sciences},
 title = {{The Minimum Equivalent DNF Problem and Shortest Implicants}},
 year = {2001}
}

@article{UMANS2001Dnf,
 author = {Christopher Umans},
 journal = {Journal of Computer and System Sciences},
 title = {{The Minimum Equivalent DNF Problem and Shortest Implicants}},
 year = {2001}
}

@inproceedings{unger2013shpf,
 author = {{Unger, Thomas and Mulazzani, Martin and Fr{\"u}hwirt, Dominik and Huber, Markus and Schrittwieser, Sebastian and Weippl, Edgar}},
 booktitle = {ARES},
 title = {Shpf: Enhancing http (s) session security with browser fingerprinting},
 year = {2013}
}

@inproceedings{Uppuluri2005,
 author = {Uppuluri, Prem and Joshi, Uday and Ray, Arnab},
 booktitle = {{ACM Symposium on Applied Computing}},
 title = {{Preventing race condition attacks on file-systems}},
 year = {2005}
}

@misc{Upton2018,
 author = {Upton, Eben},
 title = {{Why Raspberry Pi isn’t vulnerable to Spectre or Meltdown}},
 url = {https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/},
 year = {2018}
}

@misc{US20120159184A1,
 author = {Johnson, Simon P. and Savagaonkar, Uday R. and Scarlata, Vincent R. and McKeen, Francis X. and Rozas, Carlos V.},
 month = {June},
 note = {US Patent 2012/0159184 A1},
 publisher = {Google Patents},
 title = {Technique for Supporting Multiple Secure Enclaves },
 year = {2012}
}

@misc{US5564111,
 author = {Glew, Andrew F and Akkary, Haitham and Colwell, Robert P and Hinton, Glenn J and Papworth, David B and Fetterman, Michael A},
 month = {October},
 note = {US Patent 5,564,111},
 publisher = {Google Patents},
 title = {Method and apparatus for implementing a non-blocking translation lookaside buffer},
 year = {1996}
}

@misc{US5606670,
 author = {Abramson, Jeffrey M and Akkary, Haitham and Glew, Andrew F and Hinton, Glenn J and Konigsfeld, Kris G and Madland, Paul D and Papworth, David B},
 note = {US Patent 5,606,670},
 publisher = {Google Patents},
 title = {Method and apparatus for signalling a store buffer to output buffered store data for a load operation on an out-of-order execution computer system},
 year = {1997}
}

@misc{US5613083,
 author = {Glew, Andrew F and Akkary, Haitham and Hinton, Glenn J},
 note = {US Patent 5,613,083},
 publisher = {Google Patents},
 title = {Translation lookaside buffer that is non-blocking in response to a miss for use within a microprocessor capable of processing speculative instructions},
 year = {1997}
}

@misc{US5625788A,
 author = {Boggs, Darrell D. and Rodgers, Scott D.},
 month = {April},
 note = {US Patent 5,625,788},
 publisher = {Google Patents},
 title = {Microprocessor with novel instruction for signaling event occurrence and for providing event handling information in response thereto},
 year = {1997}
}

@misc{US6687809,
 author = {Chowdhury, Muntaquim F and Carmean, Douglas M},
 note = {US Patent 6,687,809},
 publisher = {Google Patents},
 title = {Maintaining processor ordering by checking load addresses of unretired load instructions against snooping store addresses},
 year = {2004}
}

@misc{US7346735,
 author = {Peri, Ramesh and Fernando, John and Kolagotla, Ravi},
 note = {US Patent 7,346,735},
 publisher = {Google Patents},
 title = {Virtualized load buffers},
 year = {2008}
}

@misc{USBIF2000Spec,
 author = {{USB Implementers Forum (USB-IF)}},
 title = {{USB 2.0 Specification}},
 url = {https://www.usb.org/document-library/usb-20-specification},
 year = {2000}
}

@misc{USBIF2001HID,
 author = {{USB Implementers Forum (USB-IF)}},
 title = {{Device Class Definition for Human Interface Devices (HID) - Version 1.11}},
 url = {https://www.usb.org/sites/default/files/hid1_11.pdf},
 year = {2001}
}

@misc{USBIF2022HIDusage,
 author = {{USB Implementers Forum (USB-IF)}},
 title = {{HID Usage Tables for Universal Serial Bus (USB) - Version 1.4}},
 url = {https://www.usb.org/sites/default/files/hut1_4.pdf},
 year = {2022}
}

@misc{Usenix2020Artifact,
 author = {USENIX Association},
 title = {{USENIX Security '20 Artifact Evaluation Information}},
 url = {https://www.usenix.org/conference/usenixsecurity20/artifact-evaluation-information},
 year = {2020}
}

@misc{v8_api,
 author = {{v8 developer blog}},
 url = {https://v8.dev/docs},
 year = {2019}
}

@misc{v8_release_8_3,
 author = {{v8 developer blog}},
 url = {https://v8.dev/blog/v8-release-83},
 year = {2020}
}

@misc{Vahid2010RTL,
 author = {Frank Vahid},
 note = {page 247},
 title = {Digital Design with RTL Design, VHDL, and Verilog},
 url = {https://books.google.de/books?id=-YayRpmjc20C&pg=PA247},
 year = {2010}
}

@inproceedings{vahldiek2019erim,
 author = {Vahldiek-Oberwagner, Anjo and Elnikety, Eslam and Duarte, Nuno O and Sammler, Michael and Druschel, Peter and Garg, Deepak},
 booktitle = {{USENIX Security}},
 title = {{ERIM}: Secure, Efficient In-process Isolation with Protection Keys ({MPK})},
 year = {2019}
}

@article{VahldiekOberwagner2018_____delete,
 author = {Anjo Vahldiek{-}Oberwagner and Eslam Elnikety and Deepak Garg and Peter Druschel},
 journal = {arXiv:1801.06822},
 title = {{ERIM:} Secure and Efficient In-process Isolation with Memory Protection Keys},
 year = {2018}
}

@inproceedings{VahldiekOberwagner2019,
 author = {Anjo Vahldiek{-}Oberwagner and Eslam Elnikety and Deepak Garg and Peter Druschel},
 booktitle = {USENIX Security Symposium},
 title = {{ERIM: Secure and Efficient In-process Isolation with Memory Protection Keys}},
 year = {2019}
}

@inproceedings{Van2008Loosely,
 author = {van den Briel, Menkes Hector Louis and Vossen, Thomas and Kambhampati, Subbarao},
 journal = {Journal of Artificial Intelligence Research},
 title = {Loosely coupled formulations for automated planning: An integer programming perspective},
 year = {2008}
}

@inproceedings{van2017differential,
 author = {van Woudenberg, Jasper and Breunesse, Cees-Bart and Velegalati, Rajesh and Yalla, Panasayya and Gonzalez, Sergio},
 booktitle = {SSPREW},
 title = {Differential fault analysis using symbolic execution},
 year = {2017}
}

@inproceedings{van2017sgx,
 author = {Van Bulck, Jo and Piessens, Frank and Strackx, Raoul},
 booktitle = {SysTEX},
 title = {SGX-Step: A practical attack framework for precise enclave execution control},
 year = {2017}
}

@inproceedings{van2019ridl,
 author = {Van Schaik, Stephan and Milburn, Alyssa and {\"O}sterlund, Sebastian and Frigo, Pietro and Maisuradze, Giorgi and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {S\&P},
 title = {RIDL: Rogue in-flight data load},
 year = {2019}
}

@inproceedings{van2019sok,
 author = {van der Kouwe, Erik and Heiser, Gernot and Andriesse, Dennis and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {EuroS\&P},
 title = {SoK: Benchmarking flaws in systems security},
 year = {2019}
}

@misc{Van2020Sgaxe,
 author = {Van Schaik, Stephan and Kwong, Andrew and Genkin, Daniel and Yarom, Yuval},
 journal = {2020. https://sgaxe. com/files/SGAxe. pdf},
 title = {SGAxe: How SGX fails in practice},
 year = {2020}
}

@inproceedings{Vanbulck2017PTE,
 author = {Van Bulck, Jo and Weichbrodt, Nico and Kapitza, R\"udiger and Piessens, Frank and Strackx, Raoul},
 booktitle = {USENIX Security Symposium},
 title = {{Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution}},
 year = {2017}
}

@inproceedings{VanBulck2017sgx,
 author = {Van Bulck, Jo and Piessens, Frank and Strackx, Raoul},
 booktitle = {{Workshop on System Software for Trusted Execution}},
 title = {{SGX-Step: A Practical Attack Framework for Precise Enclave Execution Control}},
 year = {2017}
}

@inproceedings{Vanbulck2018foreshadow,
 author = {Van Bulck, Jo and Minkin, Marina and Weisse, Ofir and Genkin, Daniel and Kasikci, Baris and Piessens, Frank and Silberstein, Mark and Wenisch, Thomas F. and Yarom, Yuval and Strackx, Raoul},
 booktitle = {{USENIX Security}},
 title = {{Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution}},
 year = {2018}
}

@inproceedings{Vanbulck2018nemesis,
 author = {Van Bulck, Jo and Piessens, Frank and Strackx, Raoul},
 booktitle = {CCS},
 title = {{Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic}},
 year = {2018}
}

@inproceedings{Vanbulck2019tale,
 author = {Van Bulck, Jo and Oswald, David and Marin, Eduard and Aldoseri, Abdulla and Garcia, Flavio and Piessens, Frank},
 booktitle = {CCS},
 title = {A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes},
 year = {2019}
}

@inproceedings{Vanbulck2020lvi,
 author = {Van Bulck, Jo and Moghimi, Daniel and Schwarz, Michael and Lipp, Moritz and Minkin, Marina and Genkin, Daniel and Yuval, Yarom and Sunar, Berk and Gruss, Daniel and Piessens, Frank},
 booktitle = {S\&P},
 title = {{LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection}},
 year = {2020}
}

@misc{Vanbulck2020lviWeb,
 author = {Van Bulck, Jo and Moghimi, Daniel and Schwarz, Michael and Lipp, Moritz and Minkin, Marina and Genkin, Daniel and Yuval, Yarom and Sunar, Berk and Gruss, Daniel and Piessens, Frank},
 title = {{LVI - Hijacking Transient Execution with Load Value Injection}},
 url = {https://lviattack.com/},
 year = {2020}
}

@inproceedings{Vandepol2015,
 author = {van de Pol, Joop and Smart, Nigel P and Yarom, Yuval},
 booktitle = {CT-RSA 2015},
 title = {Just a little bit more},
 year = {2015}
}

@misc{VanDerVeen2016CCSPresentation,
 author = {van der Veen, Victor},
 booktitle = {Presentation at CCS},
 title = {Drammer: Deterministic Rowhammer Attacks on Mobile Platforms (Slides)},
 url = {http://vvdveen.com/publications/drammer.slides.pdf},
 year = {2016}
}

@inproceedings{Vanderveen2016Drammer,
 author = {van der Veen, Victor and Fratantonio, Yanick and Lindorfer, Martina and Gruss, Daniel and Maurice, Cl\'{e}mentine and Vigna, Giovanni and Bos, Herbert and Razavi, Kaveh and Giuffrida, Cristiano},
 booktitle = {CCS},
 title = {{Drammer: Deterministic Rowhammer Attacks on Mobile Platforms}},
 year = {2016}
}

@inproceedings{Vanderveen2018,
 author = {van der Veen, Victor and Lindorfer, Martina and Fratantonio, Yanick and Pillai, Harikrishnan Padmanabha and Vigna, Giovanni and Kruegel, Christopher and Bos, Herbert and Razavi, Kaveh},
 booktitle = {{DIMVA}},
 title = {{GuardION: Practical Mitigation of DMA-Based Rowhammer Attacks on ARM}},
 year = {2018}
}

@inproceedings{VanGoethem2015,
 author = {Van Goethem, Tom and Joosen, Wouter and Nikiforakis, Nick},
 booktitle = {{CCS}},
 title = {{The clock is still ticking: Timing attacks in the modern web}},
 year = {2015}
}

@inproceedings{VanGoethem2020Timeless,
 author = {Van Goethem, Tom and Pöpper, Christina and Joosen, Wouter and Vanhoef, Mathy},
 booktitle = {{USENIX} Security Symposium},
 title = {{Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections}},
 year = {2020}
}

@inproceedings{Vanhoef2020,
 author = {Vanhoef, Mathy and Ronen, Eyal},
 booktitle = {{IEEE S\&P}},
 title = {{Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd}},
 year = {2020}
}

@inproceedings{VanSchaik2017revanc,
 author = {Van Schaik, Stephan and Razavi, Kaveh and Gras, Ben and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {Proceedings of the 10th European Workshop on Systems Security},
 title = {RevAnC: A framework for reverse engineering hardware page table caches},
 year = {2017}
}

@inproceedings{VanSchaik2018malicious,
 author = {Van Schaik, Stephan and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
 booktitle = {USENIX Security Symposium},
 title = {{Malicious Management Unit: Why Stopping Cache Attacks in Software is Harder Than You Think}},
 year = {2018}
}

@misc{VanSchaik2019Addendum1,
 author = {van Schaik, Stephan and Milburn, Alyssa and Österlund, Sebastian and Frigo, Pietro and Maisuradze, Giorgi and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},
 title = {{Addendum to RIDL}: Rogue In-flight Data Load},
 year = {2019}
}

@misc{VanSchaik2020Addendum2,
 author = {van Schaik, Stephan and Milburn, Alyssa and Österlund, Sebastian and Frigo, Pietro and Maisuradze, Giorgi and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano},
 title = {{Addendum 2 to RIDL: Rogue In-flight Data Load}},
 year = {2020}
}

@misc{VanSchaik2020cacheout,
 author = {van Schaik, Stephan and Minkin, Marina and Kwong, Andrew and Genkin, Daniel and Yarom, Yuval},
 title = {CacheOut: Leaking Data on Intel CPUs via Cache Evictions},
 year = {2020}
}

@inproceedings{Varadarajan2012,
 author = {Varadarajan, Venkatanathan and Kooburat, Thawan and Farley, Benjamin and Ristenpart, Thomas and Swift, Michael M.},
 booktitle = {CCS},
 title = {{Resource-Freeing Attacks: Improve Your Cloud Performance (at Your Neighbor's Expense)}},
 year = {2012}
}

@inproceedings{Varadarajan2014,
 author = {Varadarajan, Venkatanathan and Ristenpart, Thomas and Swift, Michael},
 booktitle = {USENIX Security Symposium},
 title = {{Scheduler-based Defenses against Cross-VM Side-channels}},
 year = {2014}
}

@inproceedings{Varadarajan2015,
 author = {Varadarajan, Venkatanathan and Zhang, Yinqian and Ristenpart, Thomas and Swift, Michael},
 booktitle = {USENIX Security Symposium},
 title = {{A Placement Vulnerability Study in Multi-Tenant Public Clouds}},
 year = {2015}
}

@misc{Varda2018cloudflare,
 author = {Varda, Kenton},
 title = {{WebAssembly’s post-MVP future}},
 url = {https://news.ycombinator.com/item?id=18279791},
 year = {2018}
}

@misc{Varda2019CapnProtoAnon,
 author = {{Anonymous}},
 title = {{Anonymized for Double Blind Submission}},
 url = {},
 year = {2019}
}

@misc{Varda2021DPI,
 author = {Varda, Kenton},
 title = {Dynamic Process Isolation: Research by Cloudflare and TU Graz},
 url = {https://blog.cloudflare.com/spectre-research-with-tu-graz/},
 year = {2021}
}

@article{Vasilakis2015,
 author = {Vasilakis, Evangelos},
 journal = {FORTH-ICS/TR-450},
 title = {{An Instruction Level Energy Characterization of ARM Processors}},
 year = {2015}
}

@inproceedings{Vasiliadis2010,
 author = {Vasiliadis, Giorgos and Polychronakis, Michalis and Ioannidis, Sotiris},
 booktitle = {Proceedings of the 5th International Conference on Malicious and Unwanted Software},
 month = {10},
 pages = {1--6},
 publisher = {Ieee},
 title = {{GPU-assisted malware}},
 year = {2010}
}

@article{Vasiliadis2015gpu,
 author = {Vasiliadis, Giorgos and Polychronakis, Michalis and Ioannidis, Sotiris},
 journal = {International Journal of Information Security},
 title = {{GPU-assisted malware}},
 year = {2015}
}

@article{Vassena2020,
 author = {Marco Vassena and Klaus V. Gleissenthall and Rami Gökhan Kici and Deian Stefan and Ranjit Jhala},
 journal = {arXiv:2005.00294},
 title = {{Automatically Eliminating Speculative Leaks With Blade}},
 year = {2019}
}

@inproceedings{Vastel2018fpscanner,
 author = {Vastel, Antoine and Laperdrix, Pierre and Rudametkin, Walter and Rouvoy, Romain},
 booktitle = {{USENIX Security Symposium}},
 title = {{FP-Scanner: The Privacy Implications of Browser Fingerprint Inconsistencies}},
 year = {2018}
}

@inproceedings{Vastel2018fpstalker,
 author = {Vastel, Antoine and Laperdrix, Pierre and Rudametkin, Walter and Rouvoy, Romain},
 booktitle = {S\&P},
 title = {Fp-stalker: Tracking browser fingerprint evolutions},
 year = {2018}
}

@inproceedings{Vattikonda2011,
 author = {Vattikonda, Bhanu C and Das, Sambit and Shacham, Hovav},
 booktitle = {CCSW},
 title = {{Eliminating fine grained timers in Xen}},
 year = {2011}
}

@misc{Ven2004,
 author = {van de Ven, Arjan and Molnar, Ingo},
 title = {Exec shield},
 year = {2004}
}

@inproceedings{Venkataramani2008,
 author = {Venkataramani, Guru and Doudalis, Ioannis and Solihin, Yan and Prvulovic, Milos},
 booktitle = {IEEE HPCA},
 title = {Flexitaint: A programmable accelerator for dynamic taint propagation},
 year = {2008}
}

@article{Venkatasubramanian2012,
 author = {Venkatasubramanian, Girish and Figueiredo, Renato J. and Illikkal, Ramesh and Newell, Donald},
 journal = {International Journal of Parallel Programming},
 number = {3},
 title = {{TMT}: A {TLB} Tag Management Framework for Virtualized Platforms},
 volume = {40},
 year = {2012}
}

@misc{VentureBeat2015mousemarket,
 author = {VentureBeat},
 title = {{Logitech and Razer dominate the PC gaming mouse market — and e-sports fuels growth}},
 url = {https://venturebeat.com/games/logitech-and-razer-dominate-the-pc-gaming-mouse-market-and-e-sports-fuels-growth/},
 year = {2015}
}

@misc{VeraCrypt,
 author = {IDRIX},
 title = {{VeraCrypt}},
 url = {https://veracrypt.fr},
 year = {2018}
}

@misc{vertical2022microbench,
 author = {Vertical Research Group},
 title = {{Microbenchamarks}},
 url = {https://github.com/VerticalResearchGroup/microbench},
 year = {2022}
}

@misc{ververis2010security,
 author = {Ververis, Vassilios},
 title = {{Security evaluation of Intel's active management technology}},
 year = {2010}
}

@inproceedings{Veyrat2012,
 author = {Veyrat-Charvillon, Nicolas and G{\'e}rard, Beno{\^\i}t and Renauld, Mathieu and Standaert, Fran{\c{c}}ois-Xavier},
 booktitle = {SAC},
 title = {An Optimal Key Enumeration Algorithm and its Application to Side-Channel Attacks},
 year = {2012}
}

@misc{VIA2023app,
 author = {{VIA Team}},
 title = {{usevia.app}},
 url = {https://github.com/the-via/app},
 year = {2023}
}

@misc{VIA2023docs,
 author = {{VIA Team}},
 title = {{VIA Documentation - Configuring QMK}},
 url = {https://www.caniusevia.com/docs/configuring_qmk},
 year = {2023}
}

@inproceedings{vicarte2022augury,
 author = {Vicarte, Jose Rodrigo Sanchez and Flanders, Michael and Paccagnella, Riccardo and Garrett-Grossman, Grant and Morrison, Adam and Fletcher, Christopher W and Kohlbrenner, David},
 booktitle = {S\&P},
 title = {{Augury: Using data memory-dependent prefetchers to leak data at rest}},
 year = {2022}
}

@inproceedings{Vig2018,
 author = {Vig, Saru and Lam, Siew-Kei and Bhattacharya, Sarani and Mukhopadhyay, Debdeep},
 booktitle = {{Workshop on Hardware and Architectural Support for Security and Privacy}},
 title = {{Rapid detection of rowhammer attacks using dynamic skewed hash tree}},
 year = {2018}
}

@inproceedings{Vila2017,
 author = {Vila, Pepe and K{\"{o}}pf, Boris},
 booktitle = {USENIX Security Symposium},
 title = {{Loophole: Timing Attacks on Shared Event Loops in Chrome}},
 year = {2017}
}

@article{Vila2018eviction,
 author = {Vila, Pepe and K{\"o}pf, Boris and Morales, Jos{\'e} Francisco},
 journal = {arXiv:1810.01497},
 title = {Theory and practice of finding eviction sets},
 year = {2018}
}

@inproceedings{Vila2019,
 author = {Pepe Vila and Boris K{\"o}pf and Jose Morales},
 booktitle = {{S\&P}},
 title = {{Theory and Practice of Finding Eviction Sets}},
 year = {2019}
}

@inproceedings{Vila2019Evictionsets,
 author = {Pepe Vila and Boris K{\"o}pf and Jose Morales},
 booktitle = {S\&P},
 title = {{Theory and Practice of Finding Eviction Sets}},
 year = {2019}
}

@inproceedings{Vila2020cache,
 author = {Vila, Pepe and Ganty, Pierre and Guarnieri, Marco and K\"{o}pf, Boris},
 booktitle = {{PLDI}},
 title = {{CacheQuery: Learning Replacement Policies from Hardware Caches}},
 year = {2020}
}

@article{Vila2020Flush,
 author = {Vila, Pepe and Abel, Andreas and Guarnieri, Marco and K{\"o}pf, Boris and Reineke, Jan},
 journal = {arXiv:2005.13853},
 title = {{Flushgeist: Cache Leaks from Beyond the Flush}},
 year = {2020}
}

@misc{Vila2024charset,
 author = {{Pepe Vila}},
 title = {{Charset Leakage Demo}},
 url = {https://demo.vwzq.net/css2.html},
 year = {2024}
}

@inproceedings{Vinaya2012,
 author = {Vinaya, M S and Vydyanathan, Nagavijayalakshmi and Gajjar, Mrugesh},
 booktitle = {PDGC'12},
 title = {{An evaluation of CUDA-enabled virtualization solutions}},
 year = {2012}
}

@inproceedings{Vintan1999,
 author = {Vintan, Lucian N and Iridon, Mihaela},
 booktitle = {Neural Networks, 1999. IJCNN'99. International Joint Conference on},
 organization = {IEEE},
 pages = {868--873},
 title = {Towards a high performance neural branch predictor},
 volume = {2},
 year = {1999}
}

@misc{Vitaris2016zeroday,
 author = {Benjamin Vitaris},
 title = {{Firefox Zero-Day Can Be Used To Deanonymize Tor Users}},
 url = {https://www.deepdotweb.com/2016/12/11/firefox-zero-day-can-used-deanonymize-tor-users},
 year = {2016}
}

@report{VMware2007,
 author = {VMware},
 title = {{Understanding Full Virtualization, Paravirtualization, and Hardware Assist}},
 type = {techreport},
 year = {2007}
}

@report{VMware2009AMD,
 author = {VMware},
 title = {{Performance Evaluation of AMD RVI Hardware Assist}},
 type = {techreport},
 year = {2009}
}

@report{VMware2009Intel,
 author = {VMware},
 title = {{Performance Evaluation of Intel EPT Hardware Assist}},
 type = {techreport},
 year = {2009}
}

@misc{VMWare2013TaintTracking,
 author = {Leake, Edward N. and Pike, Geoffrey},
 number = {US8875288B2},
 title = {Taint Tracking Mechanism for Computer Security},
 url = {https://patents.google.com/patent/US8875288B2},
 year = {2013}
}

@misc{vmware_disable_tps,
 author = {{VMWare}},
 title = {Security considerations and disallowing inter-Virtual Machine Transparent Page Sharing (2080735)},
 url = {https://kb.vmware.com/s/article/2080735},
 year = {2018}
}

@inproceedings{Volos2024coloring,
 author = {Volos, Stavros and Fournet, C{\'e}dric and Hofmann, Jana and K{\"o}pf, Boris and Oleksenko, Oleksii},
 booktitle = {ACM CCS},
 title = {Principled microarchitectural isolation on cloud CPUs},
 year = {2024}
}

@inproceedings{Votipka2020,
 author = {Daniel Votipka and Seth Rabin and Kristopher Micinski and Jeffrey S. Foster and Michelle L. Mazurek},
 booktitle = {{USENIX} Security Symposium},
 title = {{An Observational Investigation of Reverse Engineers{\textquoteright} Processes}},
 year = {2020}
}

@inproceedings{Vougioukas2019,
 author = {Vougioukas, Ilias and Nikoleris, Nikos and Sandberg, Andreas and Diestelhorst, Stephan and Al-Hashimi, Bashir M and Merrett, Geoff V},
 booktitle = {HPCA},
 title = {{BRB: Mitigating Branch Predictor Side-Channels}},
 year = {2019}
}

@inproceedings{voulimeneas2022you,
 author = {Voulimeneas, Alexios and Vinck, Jonas and Mechelinck, Ruben and Volckaert, Stijn},
 booktitle = {EuroSys},
 title = {You shall not (by) pass! practical, secure, and fast pku-based sandboxing},
 year = {2022}
}

@inproceedings{Vrancken2017,
 author = {Vrancken, Kobe and Piessens, Frank and Strackx, Raoul},
 booktitle = {Workshop on System Software for Trusted Execution},
 title = {Hardening {Intel SGX} Applications: Balancing Concerns},
 year = {2017}
}

@misc{Vuchener2015hidpp,
 author = {{Vuchener, Clément}},
 title = {{HID++ library and tools}},
 url = {https://github.com/cvuchener/hidpp},
 year = {2015}
}

@misc{Vyukov2016,
 author = {Dmitry Vyukov},
 title = {{syzkaller - linux syscall fuzzer}},
 url = {https://github.com/google/syzkaller},
 year = {2016}
}

@misc{W3c2009namespaces,
 author = {World Wide Web Consortium},
 title = {{Namespaces in XML 1.0 (Third Edition)}},
 url = {{https://www.w3.org/TR/REC-xml-names/}},
 year = {2009}
}

@misc{W3C2015High,
 author = {{W3C}},
 month = {July},
 title = {{High Resolution Time Level 2 - W3C Working Draft 21 July 2015}},
 url = {http://www.w3.org/TR/2015/WD-hr-time-2-20150721/#privacy-security},
 year = {2015}
}

@misc{W3C2015WebWorker,
 author = {{W3C}},
 title = {{Web Workers - W3C Working Draft 24 September 2015}},
 url = {https://www.w3.org/TR/workers/},
 year = {2015}
}

@misc{W3C2016,
 author = {{W3C}},
 title = {{High Resolution Time Level 2}},
 url = {https://www.w3.org/TR/hr-time/},
 year = {2016}
}

@misc{W3c2021cssmedia,
 author = {World Wide Web Consortium},
 title = {{Media Queries Level 5}},
 url = {{https://www.w3.org/TR/mediaqueries-5/}},
 year = {2021}
}

@misc{W3c2022csscontain,
 author = {World Wide Web Consortium},
 title = {{CSS Containment Module Level 3}},
 url = {{https://www.w3.org/TR/css-contain-3/}},
 year = {2022}
}

@misc{W3C2022trustedtypes,
 author = {{W3C}},
 title = {{Trusted Types}},
 url = {https://www.w3.org/TR/trusted-types/},
 year = {2022}
}

@misc{W3c2023csscascade,
 author = {World Wide Web Consortium},
 title = {{CSS Cascading and Inheritance Level 5}},
 url = {{https://drafts.csswg.org/css-cascade-5/}},
 year = {2023}
}

@misc{W3c2023cssenv,
 author = {World Wide Web Consortium},
 title = {{CSS Environment Variables Module Level 1}},
 url = {{https://drafts.csswg.org/css-env/#env-function}},
 year = {2021}
}

@misc{W3c2023cssfonts,
 author = {World Wide Web Consortium},
 title = {{CSS Fonts Module Level 4}},
 url = {{https://drafts.csswg.org/css-fonts/}},
 year = {2023}
}

@misc{W3c2023csssupports,
 author = {World Wide Web Consortium},
 title = {{CSS Conditional Rules Module Level 4}},
 url = {{https://drafts.csswg.org/css-conditional-4/}},
 year = {2023}
}

@misc{W3c2023cssval,
 author = {World Wide Web Consortium},
 title = {{CSS Values and Units Module Level 4}},
 url = {{https://www.w3.org/TR/css-values-4/#math}},
 year = {2023}
}

@misc{W3C2024arabic,
 author = {{W3C Arabic Script Language Enablement Community}},
 title = {{Arabic and Persian Layout Requirements}},
 url = {https://www.w3.org/TR/alreq/},
 year = {2024}
}

@misc{W3C2024csp3,
 author = {{W3C}},
 title = {{Content Security Policy Level 3}},
 url = {https://www.w3.org/TR/CSP3/},
 year = {2024}
}

@misc{W3C2024scrollbar,
 author = {{W3C CSS Working Group}},
 title = {{CSS Scrollbars Styling Module Level 1}},
 url = {https://drafts.csswg.org/css-scrollbars/},
 year = {2024}
}

@misc{W3C2025WebCrypto,
 author = {{W3C}},
 title = {{Web Cryptography Level 2}},
 url = {https://www.w3.org/TR/webcrypto-2/},
 year = {2025}
}

@misc{W3Cambient,
 author = {{W3C}},
 title = {{Ambient Light Sensor}},
 url = {https://www.w3.org/TR/ambient-light/},
 year = {2017}
}

@misc{W3Capis,
 author = {{W3C}},
 title = {{Javascript APIs Current Status}},
 url = {https://www.w3.org/standards/techs/js},
 year = {2017}
}

@misc{W3Cbattery,
 author = {{W3C}},
 title = {{Battery Status API}},
 url = {https://www.w3.org/TR/battery-status/},
 year = {2016}
}

@misc{W3Cdeviceorientation,
 author = {{W3C}},
 title = {{DeviceOrientation Event Specification}},
 url = {https://www.w3.org/TR/orientation-event/},
 year = {2017}
}

@misc{W3Cgenericsensors,
 author = {{W3C}},
 title = {{Generic Sensor API}},
 url = {https://www.w3.org/TR/2017/WD-generic-sensor-20170530/},
 year = {2017}
}

@misc{W3Cgeolocation,
 author = {{W3C}},
 title = {{Geolocation API Specification 2nd Edition}},
 url = {https://www.w3.org/TR/geolocation-API/},
 year = {2016}
}

@misc{W3CReports2023,
 author = {{World Wide Web Consortium (W3C)}},
 title = {{Types of Reports}},
 url = {https://www.w3.org/standards/types#reports},
 year = {2023}
}

@misc{W3Techs2017,
 author = {{W3Techs}},
 month = {August},
 title = {{Usage of JavaScript for websites}},
 url = {https://w3techs.com/technologies/details/cp-javascript/all/all},
 year = {2017}
}

@misc{Wagner18firefox,
 author = {Wagner, Luke},
 title = {Mitigations landing for new class of timing attack},
 year = {2018}
}

@inproceedings{wagner2000,
 author = {Wagner, David and Dean, R},
 booktitle = {S\&P},
 title = {Intrusion detection via static analysis},
 year = {2000}
}

@inproceedings{wagner2000intrusion,
 author = {Wagner, David and Dean, R},
 booktitle = {S\&P},
 title = {Intrusion detection via static analysis},
 year = {2000}
}

@article{Waldspurger2002,
 author = {Waldspurger, Carl A},
 journal = {ACM SIGOPS Operating Systems Review},
 number = {SI},
 pages = {181--194},
 title = {{Memory Resource Management in VMware ESX Server}},
 volume = {36},
 year = {2002}
}

@inproceedings{wampler2019exspectre,
 author = {Wampler, Jack and Martiny, Ian and Wustrow, Eric},
 booktitle = {NDSS},
 title = {ExSpectre: Hiding Malware in Speculative Execution.},
 year = {2019}
}

@inproceedings{Wang1997,
 author = {Wang, Kai and Franklin, Manoj},
 booktitle = {MICRO},
 title = {{Highly accurate data value prediction using hybrid predictors}},
 year = {1997}
}

@inproceedings{Wang2006,
 author = {Wang, Zhenghong and Lee, Ruby B},
 booktitle = {ACSAC},
 title = {{Covert and Side Channels due to Processor Architecture}},
 year = {2006}
}

@article{Wang2007,
 author = {Wang, Zhenghong and Lee, Ruby B.},
 journal = {ACM SIGARCH Computer Architecture News},
 number = {2},
 title = {{New cache designs for thwarting software cache-based side channel attacks}},
 volume = {35},
 year = {2007}
}

@inproceedings{Wang2008A,
 author = {Wang, Zhenghong and Lee, Ruby B.},
 booktitle = {MICRO},
 title = {{A Novel Cache Architecture with Enhanced Performance and Security}},
 year = {2008}
}

@inproceedings{Wang2008Still,
 author = {Wang, Xinran and Jhi, Yoon-Chan and Zhu, Sencun and Liu, Peng},
 booktitle = {ACSAC},
 title = {{Still: Exploit code detection via static taint and initialization analyses}},
 year = {2008}
}

@inproceedings{Wang2013Numchecker,
 author = {X. {Wang} and R. {Karri}},
 booktitle = {DAC},
 title = {NumChecker: Detecting kernel control-flow modifying rootkits by using Hardware Performance Counters},
 year = {2013}
}

@inproceedings{Wang2015mole,
 author = {Wang, He and Lai, Ted Tsung-Te and Roy Choudhury, Romit},
 booktitle = {Proceedings of the international conference on mobile computing and networking},
 title = {Mole: Motion leaks through smartwatch sensors},
 year = {2015}
}

@inproceedings{Wang2015secpod,
 author = {Wang, Xiaoguang and Chen, Yue and Wang, Zhi and Qi, Yong and Zhou, Yajin},
 booktitle = {USENIX ATC},
 title = {Sec{P}od: a framework for virtualization-based security systems},
 year = {2015}
}

@inproceedings{Wang2017angr,
 author = {Wang, Fish and Shoshitaishvili, Yan},
 booktitle = {2017 IEEE Cybersecurity Development (SecDev)},
 title = {{Angr - The Next Generation of Binary Analysis}},
 year = {2017}
}

@inproceedings{Wang2017DF,
 author = {Pengfei Wang and Jens Krinke},
 booktitle = {{USENIX Security Symposium}},
 title = {{How Double-Fetch Situations turn into Double-Fetch Vulnerabilities: A Study of Double Fetches in the Linux Kernel}},
 year = {2017}
}

@inproceedings{Wang2017leaky,
 author = {Wang, Wenhao and Chen, Guoxing and Pan, Xiaorui and Zhang, Yinqian and Wang, XiaoFeng and Bindschaedler, Vincent and Tang, Haixu and Gunter, Carl A},
 booktitle = {CCS},
 title = {{Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX}},
 year = {2017}
}

@inproceedings{Wang2017swap,
 author = {Wang, Xiaodong and Chen, Shuang and Setter, Jeff and Mart{\'\i}nez, Jos{\'e} F},
 booktitle = {HPCA},
 title = {SWAP: Effective fine-grain management of shared last-level caches with minimum hardware support},
 year = {2017}
}

@article{Wang2018DF,
 author = {Pengfei Wang and
Kai Lu and
Gen Li and
Xu Zhou},
 journal = {Concurrency and Computation: Practice and Experience},
 number = {6},
 title = {A survey of the double-fetch vulnerabilities},
 volume = {30},
 year = {2018}
}

@article{Wang2018oo7,
 author = {Wang, Guanhua and Chattopadhyay, Sudipta and Gotovchits, Ivan and Mitra, Tulika and Abhik Roychoudhury},
 journal = {arXiv:1807.05843},
 title = {{{oo7:} Low-overhead Defense against Spectre Attacks via Binary Analysis}},
 year = {2018}
}

@inproceedings{Wang2018zero,
 author = {Wang, ZiHao and Peng, ShuangHe and Guo, XinYue and Jiang, WenBin},
 booktitle = {International Conference on Security for Information Technology and Communications},
 title = {{Zero in and TimeFuzz: detection and mitigation of cache side-channel attacks}},
 year = {2018}
}

@article{Wang2019KLEE,
 author = {Wang, Guanhua and Chattopadhyay, Sudipta and Biswas, Arnab Kumar and Mitra, Tulika and Roychoudhury, Abhik},
 journal = {ACM Transactions on Software Engineering and Methodology (TOSEM)},
 number = {3},
 pages = {1--31},
 title = {{KLEESpectre: Detecting Information Leakage through Speculative Cache Attacks via Symbolic Execution}},
 volume = {29},
 year = {2020}
}

@article{Wang2019oo7,
 author = {Wang, Guanhua and Chattopadhyay, Sudipta and Gotovchits, Ivan and Mitra, Tulika and Roychoudhury, Abhik},
 journal = {Transactions on Software Engineering},
 title = {{oo7: Low-overhead Defense against Spectre attacks via Program Analysis}},
 year = {2019}
}

@inproceedings{Wang2019Papp,
 author = {Wang, Daimeng and Qian, Zhiyun and Abu-Ghazaleh, Nael and Krishnamurthy, Srikanth V},
 booktitle = {DAC},
 title = {PAPP: Prefetcher-Aware Prime and Probe Side-channel Attack},
 year = {2019}
}

@inproceedings{Wang2019Unveiling,
 author = {Wang, Daimeng and Neupane, Ajaya and Qian, Zhiyun and Abu-Ghazaleh, Nael and Krishnamurthy, Srikanth V and Colbert, Edward JM and Yu, Paul},
 booktitle = {{NDSS}},
 title = {{Unveiling your keystrokes: A Cache-based Side-channel Attack on Graphics Libraries}},
 year = {2019}
}

@inproceedings{Wang2020comprehensive,
 author = {Wang, Han and Sayadi, Hossein and Sasan, Avesta and Rafatirad, Setareh and Mohsenin, Tinoosh and Homayoun, Houman},
 booktitle = {{GLSVLSI}},
 title = {{Comprehensive Evaluation of Machine Learning Countermeasures for Detecting Microarchitectural Side-Channel Attacks}},
 year = {2020}
}

@inproceedings{Wang2020dramdig,
 author = {Wang, Minghua and Zhang, Zhi and Cheng, Yueqiang and Nepal, Surya},
 booktitle = {DAC},
 title = {{DRAMDig}: A knowledge-assisted tool to uncover {DRAM} address mapping},
 year = {2020}
}

@inproceedings{Wang2020hybrid,
 author = {Wang, Han and Sayadi, Hossein and Sasan, Avesta and Rafatirad, Setareh and Homayoun, Houman},
 booktitle = {ICCAD},
 title = {Hybrid-shield: Accurate and efficient cross-layer countermeasure for run-time detection and mitigation of cache-based side-channel attacks},
 year = {2020}
}

@inproceedings{Wang2020mitigating,
 author = {Wang, Han and Sayadi, Hossein and Mohsenin, Tinoosh and Zhao, Liang and Sasan, Avesta and Rafatirad, Setareh and Homayoun, Houman},
 booktitle = {DATE},
 title = {{Mitigating Cache-Based Side-Channel Attacks through Randomization: A Comprehensive System and Architecture Level Analysis}},
 year = {2020}
}

@inproceedings{wang2020phased,
 author = {Wang, Han and Sayadi, Hossein and Kolhe, Gaurav and Sasan, Avesta and Rafatirad, Setareh and Homayoun, Houman},
 booktitle = {ICCD},
 title = {{Phased-guard: Multi-phase machine learning framework for detection and identification of zero-day microarchitectural side-channel attacks}},
 year = {2020}
}

@inproceedings{Wang2020scarf,
 author = {H. {Wang} and H. {Sayadi} and S. {Rafatirad} and A. {Sasan} and H. {Homayoun}},
 booktitle = {{IOLTS}},
 title = {{SCARF: Detecting Side-Channel Attacks at Real-time using Low-level Hardware Features}},
 year = {2020}
}

@inproceedings{Wang2022hertzbleed,
 author = {Yingchen Wang and Riccardo Paccagnella and Elizabeth He and Hovav Shacham and Christopher W. Fletcher and David Kohlbrenner},
 booktitle = {{USENIX Security}},
 title = {Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86},
 year = {2022}
}

@inproceedings{wang2022hertzbleed,
 author = {Wang, Yingchen and Paccagnella, Riccardo and He, Elizabeth Tang and Shacham, Hovav and Fletcher, Christopher W and Kohlbrenner, David},
 booktitle = {USENIX Security},
 title = {{Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86}},
 year = {2022}
}

@inproceedings{wang2023dvfs,
 author = {Wang, Yingchen and Paccagnella, Riccardo and Wandke, Alan and Gang, Zhao and Garrett-Grossman, Grant and Fletcher, Christopher W and Kohlbrenner, David and Shacham, Hovav},
 booktitle = {S\&P},
 title = {{DVFS frequently leaks secrets: Hertzbleed attacks beyond SIKE, cryptography, and CPU-only data}},
 year = {2023}
}

@inproceedings{Wang2023leave,
 author = {Wang, Zilong and Mohr, Gideon and von Gleissenthall, Klaus and Reineke, Jan and Guarnieri, Marco},
 booktitle = {CCS},
 title = {Specification and verification of side-channel security for open-source processors via leakage contracts},
 year = {2023}
}

@inproceedings{wang2024systematic,
 author = {Wang, Yanli and Sheng, Sifei and Wang, Yanlin},
 booktitle = {International Conference on Blockchain and Trustworthy Systems},
 title = {A Systematic Literature Review on Smart Contract Vulnerability Detection by Symbolic Execution},
 year = {2024}
}

@inproceedings{Wartell2011,
 author = {Wartell, Richard and Zhou, Yan and Hamlen, Kevin W and Kantarcioglu, Murat and Thuraisingham, Bhavani},
 booktitle = {ECML PKDD},
 title = {{Differentiating Code from Data in x86 Binaries}},
 year = {2011}
}

@inproceedings{Watanabe2020Melting,
 author = {Watanabe, Takuya and Shioji, Eitaro and Akiyama, Mitsuaki and Mori, Tatsuya},
 booktitle = {NDSS},
 title = {Melting Pot of Origins: Compromising the Intermediary Web Services that Rehost Websites.},
 year = {2020}
}

@article{waterman2015risc,
 author = {Waterman, Andrew and Lee, Yunsup and Patterson, David A and Asanovi{\'c}, Krste},
 journal = {EECS Department, University of California, Berkeley},
 title = {The RISC-V compressed instruction set manual, version 1.7},
 year = {2015}
}

@inproceedings{Watson2015cheri,
 author = {Watson, Robert NM and Woodruff, Jonathan and Neumann, Peter G and Moore, Simon W and Anderson, Jonathan and Chisnall, David and Dave, Nirav and Davis, Brooks and Gudka, Khilan and Laurie, Ben and others},
 booktitle = {S\&P},
 title = {{CHERI}: A hybrid capability-system architecture for scalable software compartmentalization},
 year = {2015}
}

@techreport{Watson2018capability,
 author = {Watson, Robert NM and Woodruff, Jonathan and Roe, Michael and Moore, Simon W and Neumann, Peter G},
 institution = {University of Cambridge, Computer Laboratory},
 title = {{Capability hardware enhanced RISC instructions (CHERI): Notes on the Meltdown and Spectre attacks}},
 year = {2018}
}

@inproceedings{Weaver2013perf,
 author = {Weaver, Vincent M and Terpstra, Dan and Moore, Shirley},
 booktitle = {ISPASS},
 title = {Non-determinism and overcount on modern hardware performance counter implementations},
 year = {2013}
}

@techreport{Weaver2015,
 author = {Weaver, Vincent M and Jones, Dave},
 institution = {Technical Report, University of Maine},
 title = {{perf fuzzer: Targeted fuzzing of the perf\_event\_open() system call}},
 year = {2015}
}

@online{WebAssembly2019future,
 author = {WebAssembly},
 title = {Features to add after the MVP},
 url = {https://github.com/WebAssembly/design/blob/master/FutureFeatures.md},
 year = {2019}
}

@misc{WebBluetooth2024,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{Web Bluetooth API Draft Community Group Report}},
 url = {https://webbluetoothcg.github.io/web-bluetooth/},
 year = {2024}
}

@misc{WebBluetoothBlocklist2023,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{WebBluetooth GATT Blocklist}},
 url = {https://github.com/WebBluetoothCG/registries/blob/master/gatt_blocklist.txt},
 year = {2023}
}

@inproceedings{Weber2021Osiris,
 author = {Daniel Weber and Ahmad Ibrahim and Hamed Nemati and Michael Schwarz and Christian Rossow},
 booktitle = {USENIX Security},
 title = {{Osiris: Automated Discovery of Microarchitectural Side Channels}},
 year = {2021}
}

@inproceedings{Weber2023Indirect,
 author = {Daniel Weber and Fabian Thomas and Lukas Gerlach and Ruiyi Zhang and Michael Schwarz},
 booktitle = {ESORICS},
 title = {{Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks}},
 year = {2023}
}

@inproceedings{Weber2023Meltdown3a,
 author = {Weber, Daniel and Thomas, Fabian and Gerlach, Lukas and Zhang, Ruiyi and Schwarz, Michael},
 booktitle = {ESORICS},
 title = {Reviving Meltdown 3a},
 year = {2023}
}

@inproceedings{Weber2023Reviving,
 author = {Daniel Weber and Fabian Thomas and Lukas Gerlach and Ruiyi Zhang and Michael Schwarz},
 booktitle = {ESORICS},
 title = {{Reviving Meltdown 3a}},
 year = {2023}
}

@inproceedings{Weber2024IRQ,
 author = {Daniel Weber and Leonard Niemann and Lukas Gerlach and Jan Reineke and Michael Schwarz},
 booktitle = {ACSAC},
 title = {{No Leakage Without State Change: Repurposing Configurable CPU Exceptions to Prevent Microarchitectural Attacks}},
 year = {2024}
}

@inproceedings{Weber2025SCASE,
 author = {Weber, Daniel and Gerlach, Lukas and Trampert, Leon and Lue, Youheng and Van Bulck, Jo and Schwarz, Michael},
 booktitle = {USENIX},
 title = {SCASE: Automated Secret Recovery via Side-Channel-Assisted Symbolic Execution},
 year = {2025}
}

@article{Weber2025Trevex,
 author = {Daniel Weber and Fabian Thomas and Leon Trampert and Ruiyi Zhang and Michael Schwarz},
 journal = {TBD},
 title = {{Trevex: A Black-Box Detection Framework For Generic Transient Execution Vulnerabilities}},
 year = {2025}
}

@misc{WebHID2022,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{WebHID API Draft Community Group Report}},
 url = {https://wicg.github.io/webhid/},
 year = {2022}
}

@misc{WebHIDBlocklist2023,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{WebHID Blocklist}},
 url = {https://github.com/WICG/webhid/blob/main/blocklist.txt},
 year = {2023}
}

@misc{WebHIDBlocklist2023Chrome,
 author = {{Google}},
 title = {{WebHID Blocklist in Chromium 111.0.5563.152}},
 url = {https://chromium.googlesource.com/chromium/src/+/refs/tags/111.0.5563.152/services/device/public/cpp/hid/hid_blocklist.cc},
 year = {2020}
}

@misc{WebHIDChromeStatus2023,
 author = {{Google}},
 title = {{Chrome Platform Status - WebHID}},
 url = {https://chromestatus.com/feature/5172464636133376},
 year = {2023}
}

@misc{Webkit2023StandardPositions,
 author = {{Apple}},
 title = {{WebKit Standard Positions}},
 url = {https://webkit.org/tracking-prevention/#anti-fingerprinting},
 year = {2023}
}

@misc{webkit2024,
 author = {{Apple}},
 title = {{WebKit - A fast, open source web browser engine.}},
 url = {https://webkit.org/},
 year = {2024}
}

@misc{WebkitBug2015,
 author = {{Alex Christensen}},
 title = {{Reduce resolution of performance.now.}},
 url = {https://bugs.webkit.org/show_bug.cgi?id=146531},
 year = {2015}
}

@misc{WebMIDI2024,
 author = {{W3C Audio Working Group}},
 title = {{Web MIDI API W3C Editor's Draft}},
 url = {https://webaudio.github.io/web-midi-api/},
 year = {2024}
}

@misc{WebSerial2024,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{Web Serial API Draft Community Group Report}},
 url = {https://wicg.github.io/serial/},
 year = {2024}
}

@misc{WebSerialBlocklist2023,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{WebSerial Bluetooth Service Blocklist}},
 url = {https://github.com/WICG/serial/blob/main/bluetooth-service-blocklist.txt},
 year = {2023}
}

@misc{webtropicDedicatedRoot,
 author = {webtropia},
 month = {May},
 title = {Dedicated Server},
 url = {https://www.webtropia.com/en/dedicated-server/root-server-vergleich.html},
 year = {2018}
}

@misc{WebUSB2023,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{WebUSB API Draft Community Group Report}},
 url = {https://wicg.github.io/webusb/},
 year = {2023}
}

@misc{WebUSBBlocklist2023,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{WebUSB Blocklist}},
 url = {https://github.com/WICG/webusb/blob/main/blocklist.txt},
 year = {2023}
}

@inproceedings{Wei2005,
 author = {Wei, Jinpeng and Pu, Calton},
 booktitle = {FAST},
 title = {{TOCTTOU Vulnerabilities in UNIX-style File Systems: An Anatomical Study}},
 year = {2005}
}

@inproceedings{Weichbrodt2016,
 author = {Weichbrodt, Nico and Kurmus, Anil and Pietzuch, Peter and Kapitza, R{\"u}diger},
 booktitle = {ESORICS},
 title = {{AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves}},
 year = {2016}
}

@inproceedings{Weichselbaum2016CSP,
 author = {Weichselbaum, Lukas and Spagnuolo, Michele and Lekies, Sebastian and Janc, Artur},
 booktitle = {{CCS}},
 title = {{CSP is dead, long live CSP! On the insecurity of whitelists and the future of content security policy}},
 year = {2016}
}

@inproceedings{Weinberg2011,
 author = {Weinberg, Zachary and Chen, Eric Y and Jayaraman, Pavithra Ramesh and Jackson, Collin},
 booktitle = {S\&P'11},
 title = {{I still know what you visited last summer: Leaking browsing history via user interaction and side channel attacks}},
 year = {2011}
}

@inproceedings{Weiser18data,
 author = {Weiser, Samuel and Zankl, Andreas and Spreitzer, Raphael and Miller, Katja and Mangard, Stefan and Sigl, Georg},
 booktitle = {{USENIX Security}},
 title = {{DATA - Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries}},
 year = {2018}
}

@inproceedings{Weiser2018,
 author = {Samuel Weiser and Raphael Spreitzer and Lukas Bodner},
 booktitle = {{AsiaCCS}},
 title = {{Single Trace Attack Against RSA Key Generation in Intel SGX SSL}},
 year = {2018}
}

@inproceedings{Weiser2019SGXJail,
 author = {Weiser, Samuel and Mayr, Luca and Schwarz, Michael and Gruss, Daniel},
 booktitle = {RAID},
 title = {{SGXJail}: Defeating Enclave Malware via Confinement},
 year = {2019}
}

@inproceedings{Weiser2020big,
 author = {Samuel Weiser and David Schrammel and Lukas Bodner and Raphael Spreitzer},
 booktitle = {{USENIX} Security Symposium},
 title = {{Big Numbers - Big Troubles: Systematically Analyzing Nonce Leakage in (EC)DSA Implementations}},
 year = {2020}
}

@inproceedings{Weiss2012,
 author = {Wei\ss{}, Michael and Heinz, Benedikt and Stumpf, Frederic},
 booktitle = {FC'12},
 number = {1},
 pages = {314--328},
 title = {{A Cache Timing Attack on AES in Virtualization Environments}},
 year = {2012}
}

@inproceedings{Weisse2017,
 author = {Ofir Weisse and
Valeria Bertacco and
Todd M. Austin},
 booktitle = {{ISCA}},
 title = {Regaining Lost Cycles with HotCalls: {A} Fast Interface for {SGX} Secure Enclaves},
 year = {2017}
}

@misc{Weisse2018foreshadow,
 author = {Weisse, Ofir and Van Bulck, Jo and Minkin, Marina and Genkin, Daniel and Kasikci, Baris and Piessens, Frank and Silberstein, Mark and Strackx, Raoul and Wenisch, Thomas F and Yarom, Yuval},
 title = {{Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution}},
 url = {https://foreshadowattack.eu/foreshadow-NG.pdf},
 year = {2018}
}

@inproceedings{Weisse2019,
 author = {Weisse, Ofir and Neal, Ian and Loughlin, Kevin and Wenisch, Thomas F and Kasikci, Baris},
 booktitle = {MICRO},
 title = {Nda: Preventing speculative execution attacks at their source},
 year = {2019}
}

@article{Weissman2019,
 author = {Weissman, Zane and Tiemann, Thore and Moghimi, Daniel and Custodio, Evan and Eisenbarth, Thomas and Sunar, Berk},
 journal = {arXiv:1912.11523},
 title = {{JackHammer: Efficient Rowhammer on Heterogeneous FPGA-CPU Platforms}},
 year = {2019}
}

@inproceedings{wen2023transformers,
 author = {Wen, Qingsong and Zhou, Tian and Zhang, Chaoli and Chen, Weiqi and Ma, Ziqing and Yan, Junchi and Sun, Liang},
 booktitle = {IJCAI},
 doi = {10.24963/ijcai.2023/759},
 title = {Transformers in time series: a survey},
 year = {2023}
}

@misc{Wennborg2015,
 author = {Wennborg, Hans},
 month = {October},
 title = {{The recent switch lowering improvements}},
 url = {http://llvm.org/devmtg/2015-10/slides/Wennborg-SwitchLowering.pdf},
 year = {2015}
}

@article{Wenzl2019Hack,
 author = {Wenzl, Matthias and Merzdovnik, Georg and Ullrich, Johanna and Weippl, Edgar},
 journal = {CSUR},
 title = {{From hack to elaborate technique—a survey on binary rewriting}},
 year = {2019}
}

@inproceedings{Werner2016,
 author = {Werner, Jan and Baltas, George and Dallara, Rob and Otterness, Nathan and Snow, Kevin Z and Monrose, Fabian and Polychronakis, Michalis},
 booktitle = {{AsiaCCS}},
 title = {{No-execute-after-read: Preventing code disclosure in commodity software}},
 year = {2016}
}

@inproceedings{Werner2019,
 author = {Werner, Mario and Unterluggauer, Thomas and Giner, Lukas and Schwarz, Michael and Gruss, Daniel and Mangard, Stefan},
 booktitle = {USENIX Security Symposium},
 title = {{ScatterCache: Thwarting Cache Attacks via Cache Set Randomization}},
 year = {2019}
}

@misc{Whatwg2023Cors,
 author = {{Web Hypertext Application Technology Working Group (WHATWG)}},
 title = {{CORS Protocol}},
 url = {https://fetch.spec.whatwg.org/#cors-protocol},
 year = {2023}
}

@misc{WICG2023HID,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{WebHID Explainer}},
 url = {https://wicg.github.io/webhid/EXPLAINER.html},
 year = {2023}
}

@misc{WICG2023IsolatedWebApps,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{Isolated Web Apps Explainer}},
 url = {https://github.com/WICG/isolated-web-apps/blob/main/README.md},
 year = {2023}
}

@misc{wicg2024htmlsanitizer,
 author = {{Web Incubator Community Group (WICG)}},
 title = {{HTML Sanitizer API Draft Community Group Report}},
 url = {https://wicg.github.io/sanitizer-api/},
 year = {2024}
}

@inproceedings{wichelmann2018microwalk,
 author = {Wichelmann, Jan and Moghimi, Ahmad and Eisenbarth, Thomas and Sunar, Berk},
 booktitle = {{ACSAC}},
 title = {{MicroWalk: A Framework for Finding Side Channels in Binaries}},
 year = {2018}
}

@inproceedings{Wichelmann2022cipherfix,
 author = {Wichelmann, Jan and P{\"a}tschke, Anna and Wilke, Luca and Eisenbarth, Thomas},
 booktitle = {{USENIX Security}},
 title = {Cipherfix: Mitigating Ciphertext Side-Channel Attacks in Software},
 year = {2023}
}

@inproceedings{Wichelmann2022Microwalk,
 author = {Wichelmann, Jan and Sieck, Florian and P{\"a}tschke, Anna and Eisenbarth, Thomas},
 booktitle = {SIGSAC},
 title = {Microwalk-CI: practical side-channel analysis for JavaScript applications},
 year = {2022}
}

@inproceedings{wichelmann2022microwalk,
 author = {Wichelmann, Jan and Sieck, Florian and P{\"a}tschke, Anna and Eisenbarth, Thomas},
 booktitle = {CCS},
 title = {Microwalk-CI: Practical side-channel analysis for JavaScript applications},
 year = {2022}
}

@inproceedings{wichelmann2024obelix,
 author = {Wichelmann, Jan and Rabich, Anja and P{\"a}tschke, Anna and Eisenbarth, Thomas},
 booktitle = {S\&P},
 title = {Obelix: Mitigating Side-Channels through Dynamic Obfuscation},
 year = {2024}
}

@inproceedings{Wiebing2024InSpectre,
 author = {Wiebing, Sander and de Faveri Tron, Alvise and Bos, Herbert and Giuffrida, Cristiano},
 booktitle = {{USENIX Security}},
 title = {InSpectre Gadget: Inspecting the residual attack surface of cross-privilege Spectre v2},
 year = {2024}
}

@misc{Wikipedia2015rowhammer,
 author = {{Wikipedia}},
 month = {August},
 title = {{Talk:Row hammer - Refresh rate}},
 url = {https://en.wikipedia.org/w/index.php?title=Talk:Row_hammer&oldid=674939880},
 year = {2015}
}

@misc{Wikipedia2023Applefonts,
 author = {Wikipedia},
 title = {{List of typefaces included with macOS}},
 url = {{https://en.wikipedia.org/wiki/List_of_typefaces_included_with_macOS}},
 year = {2023}
}

@misc{Wikipedia2025JsonP,
 author = {Wikipedia},
 title = {JSONP},
 url = {https://en.wikipedia.org/wiki/JSONP},
 year = {2025}
}

@misc{WikiWand2019SMAP,
 author = {{Wikiwand}},
 title = {{Supervisor Mode Access Prevention}},
 url = {https://www.wikiwand.com/en/Supervisor_Mode_Access_Prevention},
 year = {2019}
}

@inproceedings{Wikner2022retbleed,
 author = {Wikner, Johannes and Razavi, Kaveh},
 booktitle = {{USENIX Security}},
 title = {RETBLEED: Arbitrary Speculative Code Execution with Return Instructions},
 year = {2022}
}

@inproceedings{wikner2022spring,
 author = {Wikner, Johannes and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
 booktitle = {WOOT},
 title = {Spring: Spectre returning in the browser with speculative load queuing and deep stacks},
 year = {2022}
}

@misc{Wilhelm2016ASLR,
 author = {Wilhelm, Felix},
 title = {{PoC} for breaking hypervisor {ASLR} using branch target buffer collisions},
 url = {https://github.com/felixwilhelm/mario_baslr},
 year = {2016}
}

@inproceedings{Wilke2020sevurity,
 author = {Wilke, Luca and Wichelmann, Jan and Morbitzer, Mathias and Eisenbarth, Thomas},
 booktitle = {S\&P},
 title = {SEVurity: No Security Without Integrity--Breaking Integrity-Free Memory Encryption with Minimal Assumptions},
 year = {2020}
}

@misc{wilke2023psevstep,
 archiveprefix = {arXiv},
 author = {Luca Wilke and Jan Wichelmann and Anja Rabich and Thomas Eisenbarth},
 eprint = {2307.14757},
 primaryclass = {cs.CR},
 title = {SEV-Step: A Single-Stepping Framework for AMD-SEV},
 year = {2023}
}

@misc{Wilke2023SEVStep,
 author = {Wilke, Luca},
 title = {{SEV Step}},
 url = {https://github.com/sev-step/sev-step},
 year = {2023}
}

@misc{wilke2023sevstep,
 archiveprefix = {arXiv},
 author = {Luca Wilke and Jan Wichelmann and Anja Rabich and Thomas Eisenbarth},
 eprint = {2307.14757},
 primaryclass = {cs.CR},
 title = {SEV-Step: A Single-Stepping Framework for AMD-SEV},
 year = {2023}
}

@article{wilke2024sev,
 author = {Wilke, Luca and Wichelmann, Jan and Rabich, Anja and Eisenbarth, Thomas},
 journal = {IACR Trans. Cryptogr. Hardw. Embed. Syst.},
 title = {SEV-Step: A single-stepping framework for AMD-SEV},
 year = {2024}
}

@inproceedings{wilke2024tdxdown,
 author = {Wilke, Luca and Sieck, Florian and Eisenbarth, Thomas},
 booktitle = {CCS},
 title = {{TDXdown: Single-Stepping and Instruction Counting Attacks against Intel TDX}},
 year = {2024}
}

@inproceedings{Willems2012,
 author = {Willems, Carsten and Hund, Ralf and Fobian, Andreas and Felsch, Dennis and Holz, Thorsten and Vasudevan, Amit},
 booktitle = {ACSAC'12},
 title = {Down to the bare metal: Using processor features for binary analysis},
 year = {2012}
}

@article{Williams2015Inspecting,
 author = {Williams, J},
 journal = {BlackHat USA},
 title = {{Inspecting data from the safety of your trusted execution environment}},
 year = {2015}
}

@article{Williams2016,
 author = {Chris Williams},
 day = {6},
 month = {3},
 publisher = {The Register},
 title = {{AMD to fix slippery hypervisor-busting bug in its CPU microcode}},
 url = {https://www.theregister.co.uk/2016/03/06/amd_microcode_6000836_fix/},
 year = {2016}
}

@article{Williams2018Kernel,
 author = {Chris Williams},
 journal = {The Register},
 title = {{Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign}},
 url = {https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/}
}

@inproceedings{williams2018unikernels,
 author = {Williams, Dan and Koller, Ricardo and Lucina, Martin and Prakash, Nikhil},
 booktitle = {Proceedings of the ACM Symposium on Cloud Computing},
 pages = {199--211},
 title = {Unikernels as processes},
 year = {2018}
}

@misc{WilliamsIverilog,
 author = {Stephen Williams},
 title = {Icarus Verilog},
 url = {https://steveicarus.github.io/iverilog/},
 year = {2024}
}

@inproceedings{Willmann2008,
 author = {Willmann, Paul and Rixner, Scott and Cox, Alan L.},
 booktitle = {Proceedings of the 2008 USENIX Annual Technical Conference (USENIX ATC'08)},
 pages = {15--28},
 title = {{Protection strategies for direct access to virtualized I/O devices}},
 year = {2008}
}

@misc{Win10DynamicLock,
 author = {Microsoft},
 title = {Lock your Windows 10 PC automatically when you step away from it},
 url = {https://support.microsoft.com/en-us/help/4028111/windows-lock-your-windows-10-pc-automatically-when-you-step-away-from},
 year = {2019}
}

@misc{WinAPI,
 author = {Microsoft},
 month = {July},
 title = {Programming reference for Windows API},
 url = {https://docs.microsoft.com/en-us/windows/desktop/api/index},
 year = {2018}
}

@inproceedings{winderix2024architectural,
 author = {Winderix, Hans and Bognar, Marton and Noorman, Job and Daniel, Lesly-Ann and Piessens, Frank},
 booktitle = {S\&P},
 title = {Architectural Mimicry: Innovative Instructions to Efficiently Address Control-Flow Leakage in Data-Oblivious Programs},
 year = {2024}
}

@misc{WindowsServerDeduplication,
 author = {{Microsoft}},
 month = {April},
 title = {{Cache and Memory Manager Improvements}},
 url = {https://docs.microsoft.com/en-us/windows-server/administration/performance-tuning/subsystem/cache-memory-management/improvements-in-windows-server},
 year = {2017}
}

@misc{WIRED2016Snowden,
 author = {{WIRED}},
 title = {{A Government Error Just Revealed Snowden Was the Target in the Lavabit Case}},
 url = {https://www.wired.com/2016/03/government-error-just-revealed-snowden-target-lavabit-case/},
 year = {2016}
}

@misc{WIRED2023Yubikey,
 author = {{WIRED}},
 title = {{Chrome Lets Hackers Phish Even 'Unphishable' Yubikey Users}},
 url = {https://www.wired.com/story/chrome-yubikey-phishing-webusb/},
 year = {2018}
}

@misc{Wireshark2020USB,
 author = {{Wireshark}},
 title = {{USB capture setup}},
 url = {https://wiki.wireshark.org/CaptureSetup/USB},
 year = {2020}
}

@misc{Wirth1976,
 author = {Wirth, Nikolaus},
 month = {September},
 pages = {29},
 title = {Pascal Newsletter},
 volume = {5},
 year = {1976}
}

@inproceedings{wistoff2021fencet,
 author = {Wistoff, Nils and Schneider, Moritz and Gürkaynak, Frank K. and Benini, Luca and Heiser, Gernot},
 booktitle = {Design, Automation \& Test in Europe Conference \& Exhibition (DATE)},
 title = {Microarchitectural Timing Channels and their Prevention on an Open-Source 64-bit RISC-V Core},
 year = {2021}
}

@article{wistoff2022systematic,
 author = {Wistoff, Nils and Schneider, Moritz and G{\"u}rkaynak, Frank K and Heiser, Gernot and Benini, Luca},
 journal = {IEEE Transactions on Computers},
 title = {Systematic prevention of on-core timing channels by full temporal partitioning},
 year = {2022}
}

@inproceedings{wistoff2024fence,
 author = {Wistoff, Nils and Heiser, Gernot and Benini, Luca},
 booktitle = {ApplePies},
 title = {fence. ts: Closing Timing Channels in High-Performance Out-of-Order Cores through ISA-Supported Temporal Partitioning},
 year = {2024}
}

@inproceedings{Wojtczuk2009,
 author = {Wojtczuk, Rafal and Rutkowska, Joanna},
 booktitle = {Black Hat Briefings},
 title = {{Attacking Intel Trusted Execution Technology}},
 year = {2009}
}

@article{Wojtczuk2011,
 author = {Wojtczuk, Rafal and Rutkowska, Joanna},
 journal = {invisiblethingslab.com},
 title = {{Following the White Rabbit: Software attacks against Intel VT-d technology}},
 year = {2011}
}

@misc{WolframAlpha,
 author = {Wolfram},
 title = {{Wolfram Alpha: Computational Intelligence}},
 url = {https://www.wolframalpha.com/},
 year = {2020}
}

@misc{wolfSSL,
 author = {wolfSSL},
 title = {{wolfSSL: Embedded TLS Library}},
 url = {https://www.wolfssl.com/},
 year = {2023}
}

@inproceedings{Wong2010,
 author = {Wong, Henry and Papadopoulou, Misel-Myrto and Sadooghi-Alvandi, Maryam and Moshovos, Andreas},
 booktitle = {Proceedings of the 2010 IEEE International Symposium on Performance Analysis of Systems \& Software (ISPASS)},
 month = {March},
 pages = {235--246},
 publisher = {Ieee},
 title = {{Demystifying GPU microarchitecture through microbenchmarking}},
 year = {2010}
}

@misc{Wong2013Intel,
 author = {Henry Wong},
 title = {{Intel Ivy Bridge Cache Replacement Policy}},
 url = {http://blog.stuffedcow.net/2013/01/ivb-cache-replacement/},
 year = {2013}
}

@misc{Wong2013ROB,
 author = {Henry Wong},
 title = {{Measuring Reorder Buffer Capacity}},
 url = {http://blog.stuffedcow.net/2013/05/measuring-rob-capacity/},
 year = {2013}
}

@misc{Wong2014STL,
 author = {Henry Wong},
 month = {jan},
 title = {Store-to-Load Forwarding and Memory Disambiguation in {x86} Processors},
 url = {http://blog.stuffedcow.net/2014/01/x86-memory-disambiguation/},
 year = {2014}
}

@article{wong2015timing,
 author = {Wong, David},
 journal = {IACR Cryptology ePrint Archive},
 title = {{Timing and Lattice Attacks on a Remote ECDSA OpenSSL Server: How Practical Are They Really?}},
 year = {2015}
}

@misc{Wong2018microbenchmarking,
 author = {Henry Wong},
 note = {Retrieved on September 17, 2018},
 title = {{Microbenchmarking Return Address Branch Prediction}},
 url = {http://blog.stuffedcow.net/2018/04/ras-microbenchmarks/}
}

@misc{Wong2018specpoline,
 author = {Henry Wong},
 month = {may},
 title = {The Microarchitecture Behind Meltdown},
 url = {http://blog.stuffedcow.net/2018/05/meltdown-microarchitecture/},
 year = {2018}
}

@misc{Woodhouse18rsbunderflow,
 author = {{Woodhouse, David}},
 month = {January},
 title = {{x86/retpoline: Avoid return buffer underflows on context switch}},
 url = {https://lore.kernel.org/patchwork/patch/871060/},
 year = {2018}
}

@incollection{Woudenberg2011,
 author = {van Woudenberg, Jasper GJ and Witteman, Marc F and Bakker, Bram},
 booktitle = {CT-RSA 2011},
 title = {Improving differential power analysis by elastic alignment},
 year = {2011}
}

@article{Wray1992,
 author = {Wray, John C},
 journal = {Journal of Computer Security},
 title = {{An Analysis of Covert Timing Channels}},
 year = {1992}
}

@inproceedings{Wu2012,
 author = {Wu, Zhenyu and Xu, Zhang and Wang, Haining},
 booktitle = {{USENIX} Security Symposium},
 title = {{Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud}},
 year = {2012}
}

@article{Wu2014,
 author = {Wu, Zhenyu and Xu, Zhang and Wang, Haining},
 journal = {ACM Transactions on Networking},
 title = {{Whispers in the Hyper-space: High-bandwidth and Reliable Covert Channel Attacks inside the Cloud}},
 year = {2014}
}

@inproceedings{Wu2018eliminating,
 author = {Wu, Meng and Guo, Shengjian and Schaumont, Patrick and Wang, Chao},
 booktitle = {ISSTA},
 title = {Eliminating timing side-channel leaks using program repair},
 year = {2018}
}

@inproceedings{Wu2019,
 author = {Shujiang Wu and Song Li and Yinzhi Cao and Ningfei Wang},
 booktitle = {USENIX Security Symposium},
 title = {Rendered Private: Making {GLSL} Execution Uniform to Prevent WebGL-based Browser Fingerprinting},
 year = {2019}
}

@inproceedings{Wu2019abstract,
 author = {Wu, Meng and Wang, Chao},
 booktitle = {PLDI},
 title = {Abstract interpretation under speculative execution},
 year = {2019}
}

@inproceedings{wu2022high,
 author = {Wu, Jiatong and Cui, Baojiang and Chen, Chen and Long, Xiang},
 booktitle = {IMIS},
 title = {A high efficiency and accuracy method for x86 undocumented instruction detection and classification},
 year = {2021}
}

@article{wulf1995hitting,
 author = {Wulf, Wm A and McKee, Sally A},
 journal = {SIGARCH},
 title = {Hitting the memory wall: Implications of the obvious},
 year = {1995}
}

@misc{Xcalibyte2022Laptop,
 author = {Xcalibyte},
 title = {{Roma Laptop Pre-order}},
 url = {https://xcalibyte.com.cn/en/roma-preorder/},
 year = {2022}
}

@misc{Xdocu2014,
 author = {{X.org Foundation}},
 month = {10},
 title = {xorg Documentation},
 url = {https://www.x.org/wiki/Documentation/},
 year = {2014}
}

@misc{Xen2009,
 author = {{xenbits.xen.org}},
 title = {page.h source code},
 url = {http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;hb=refs/heads/stable-4.3;f=xen/include/asm-x86/x86_64/page.h},
 year = {2009}
}

@misc{xen2023dss,
 author = {{Xenproject.org Security Team}},
 title = {{XSA-439: Divide speculative information leak}},
 url = {https://xenbits.xen.org/xsa/advisory-439.html},
 year = {2023}
}

@misc{XENL1TFPrefetch,
 author = {{xenbits}},
 title = {{Cache-load gadgets exploitable with L1TF}},
 url = {https://xenbits.xen.org/xsa/advisory-289.html},
 year = {2019}
}

@inproceedings{Xi2006,
 author = {Xi, Xiaopeng and Keogh, Eamonn and Shelton, Christian and Wei, Li and Ann Ratanamahatana, Chotirat},
 booktitle = {{Proceedings of the 23rd International Conference on Machine Learning}},
 title = {{Fast Time Series Classification Using Numerosity Reduction}},
 year = {2006}
}

@inproceedings{Xia2012,
 author = {Xia, Yubin and Liu, Yutao and Chen, Haibo and Zang, Binyu},
 booktitle = {DSN'12},
 title = {{CFIMon}: Detecting violation of control flow integrity using performance counters},
 year = {2012}
}

@inproceedings{Xiao2010new,
 author = {Xiao, Xu and Zhang, Xiao-song and others},
 booktitle = {First International Conference on Pervasive Computing, Signal Processing and Applications},
 title = {New approach to path explosion problem of symbolic execution},
 year = {2010}
}

@inproceedings{Xiao2012covert,
 author = {Xiao, Jidong and Xu, Zhang and Huang, Hai and Wang, Haining},
 booktitle = {{CCS}},
 title = {{A covert channel construction in a virtualized environment}},
 year = {2012}
}

@inproceedings{Xiao2013security,
 author = {Xiao, Jidong and Xu, Zhang and Huang, Hai and Wang, Haining},
 booktitle = {{International Conference on Dependable Systems and Networks (DSN)}},
 title = {{Security implications of memory deduplication in a virtualized environment}},
 year = {2013}
}

@inproceedings{Xiao2016,
 author = {Yuan Xiao and Xiaokuan Zhang and Yinqian Zhang and Radu Teodorescu},
 booktitle = {USENIX Security Symposium},
 title = {One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation},
 year = {2016}
}

@inproceedings{Xiao2017stacco,
 author = {Xiao, Yuan and Li, Mengyuan and Chen, Sanchuan and Zhang, Yinqian},
 booktitle = {{CCS}},
 title = {{Stacco: Differentially Analyzing Side-channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves}},
 year = {2017}
}

@inproceedings{Xiao2019Speechminer,
 author = {Xiao, Yuan and Zhang, Yinqian and Teodorescu, Radu},
 booktitle = {{NDSS}},
 title = {{SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities}},
 year = {2020}
}

@article{xiao2023exploiting,
 author = {Xiao, Chong and Tang, Ming and Guilley, Sylvain},
 journal = {Journal of Systems Architecture},
 title = {Exploiting the microarchitectural leakage of prefetching activities for side-channel attacks},
 year = {2023}
}

@inproceedings{Xie2011,
 author = {Xie, Xinwei and Xue, Jingling},
 booktitle = {CGO},
 title = {Acculock: Accurate and Efficient Detection of Data Races},
 year = {2011}
}

@inproceedings{Xiong2020leaking,
 author = {Xiong, Wenjie and Szefer, Jakub},
 booktitle = {HPCA},
 title = {{Leaking Information Through Cache LRU States}},
 year = {2020}
}

@article{Xiong2020survey,
 author = {Xiong, Wenjie and Szefer, Jakub},
 journal = {arXiv:2005.13435},
 title = {{Survey of Transient Execution Attacks}},
 year = {2020}
}

@article{xiong2021survey,
 author = {Xiong, Wenjie and Szefer, Jakub},
 journal = {ACM Comput. Surv.},
 title = {Survey of Transient Execution Attacks and Their Mitigations},
 year = {2021}
}

@inproceedings{Xu2011,
 author = {Xu, Yunjing and Bailey, Michael and Jahanian, Farnam and Joshi, Kaustubh and Hiltunen, Matti and Schlichting, Richard},
 booktitle = {CCSW'11},
 title = {{An exploration of L2 cache covert channels in virtualized environments}},
 year = {2011}
}

@inproceedings{Xu2015collision,
 author = {Xu, Wen and Li, Juanru and Shu, Junliang and Yang, Wenbo and Xie, Tianyi and Zhang, Yuanyuan and Gu, Dawu},
 booktitle = {{CCS}},
 title = {{From collision to exploitation: Unleashing use-after-free vulnerabilities in linux kernel}},
 year = {2015}
}

@inproceedings{Xu2015controlled,
 author = {Xu, Yuanzhong and Cui, Weidong and Peinado, Marcus},
 booktitle = {{S\&P}},
 title = {{Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems}},
 year = {2015}
}

@inproceedings{Xu2015coresidence,
 author = {Xu, Zhang and Wang, Haining and Wu, Zhenyu},
 booktitle = {USENIX Security Symposium},
 title = {{A Measurement Study on Co-residence Threat inside the Cloud}},
 year = {2015}
}

@inproceedings{xu2017concolic,
 author = {Xu, Hui and Zhou, Yangfan and Kang, Yu and Lyu, Michael R},
 booktitle = {DSN},
 title = {Concolic execution on small-size binaries: Challenges and empirical study},
 year = {2017}
}

@inproceedings{Xu2018precise,
 author = {Xu, Meng and Qian, Chenxiong and Lu, Kangjie and Backes, Michael and Kim, Taesoo},
 booktitle = {{S\&P}},
 title = {{Precise and Scalable Detection of Double-Fetch Bugs in OS Kernels}},
 year = {2018}
}

@inproceedings{Xu2018privacy,
 author = {Xu, Haitao and Hao, Shuai and Sari, Alparslan and Wang, Haining},
 booktitle = {IEEE INFOCOM},
 title = {Privacy Risk Assessment on Email Tracking},
 year = {2018}
}

@inproceedings{Xu2023Morfuzz,
 author = {Xu, Jinyan and Liu, Yiyuan and He, Sirui and Lin, Haoran and Zhou, Yajin and Wang, Cong},
 booktitle = {USENIX Security},
 title = {{MorFuzz}: Fuzzing processor via runtime instruction morphing enhanced synchronizable co-simulation},
 year = {2023}
}

@article{xu2025dejavuzz,
 author = {Xu, Jinyan and Zhou, Yangye and Zhang, Xingzhi and Li, Yinshuai and Tan, Qinhan and Zhang, Yinqian and Zhou, Yajin and Chang, Rui and Shen, Wenbo},
 journal = {arXiv preprint},
 title = {{DejaVuzz: Disclosing Transient Execution Bugs with Dynamic Swappable Memory and Differential Information Flow Tracking assisted Processor Fuzzing}},
 year = {2025}
}

@misc{Xuantie_C906,
 author = {{T-Head Semiconductor}},
 title = {Xuantie C906 R1S0 User Manual},
 url = {https://dl.linux-sunxi.org/D1/Xuantie_C906_R1S0_User_Manual.pdf},
 year = {2022}
}

@misc{XuanwuLab2015,
 author = {{XuanwuLab}},
 month = {June},
 note = {Retrieved on July 16, 2015},
 title = {{Research report on using JIT to trigger RowHammer }},
 url = {https://xuanwulab.github.io/2015/06/09/Research-report-on-using-JIT-to-trigger-RowHammer/},
 year = {2015}
}

@inproceedings{yaglikci2021blockhammer,
 author = {Ya{\u{g}}l{\i}k{\c{c}}{\i}, A Giray and Patel, Minesh and Kim, Jeremie S. and Azizibarzoki, Roknoddin and Olgun, Ataberk and Orosa, Lois and Hassan, Hasan and Park, Jisung and Kanellopoullos, Konstantinos and Shahroodi, Taha and Ghose, Saugata and Mutlu, Onur},
 booktitle = {HPCA},
 title = {{BlockHammer: Preventing RowHammer at Low Cost by Blacklisting Rapidly-Accessed DRAM Rows}},
 year = {2021}
}

@inproceedings{Yan2015,
 author = {Lin Yan and Yao Guo and Xiangqun Chen and Hong Mei},
 booktitle = {Symposium on Internetware},
 title = {{A Study on Power Side Channels on Mobile Devices}},
 year = {2015}
}

@inproceedings{Yan2016pivot,
 author = {Yan, Fei and Huang, Fan and Zhao, Lei and Peng, Huirong and Wang, Qian},
 booktitle = {ICPADS},
 title = {Baseline is fragile: on the effectiveness of stack pivot defense},
 year = {2016}
}

@inproceedings{Yan2018InvisiSpec,
 author = {Yan, Mengjia and Choi, Jiho and Skarlatos, Dimitrios and Morrison, Adam and Fletcher, Christopher W.  and Torrellas, Josep},
 booktitle = {MICRO},
 title = {{InvisiSpec: Making Speculative Execution Invisible in the Cache Hierarchy}},
 year = {2018}
}

@inproceedings{Yan2019,
 author = {Yan, Mengjia and Sprabery, Read and Gopireddy, Bhargava and Fletcher, Christopher and Campbell, Roy and Torrellas, Josep},
 booktitle = {S\&P},
 title = {Attack directories, not caches: Side channel attacks in a non-inclusive world},
 year = {2019}
}

@inproceedings{Yan2019secdir,
 author = {Yan, Mengjia and Wen, Jen-Yang and Fletcher, Christopher W and Torrellas, Josep},
 booktitle = {ISCA},
 title = {SecDir: a secure directory to defeat directory side-channel attacks},
 year = {2019}
}

@inproceedings{Yan2025Relocate,
 author = {Yuqin Yan and Wei Huang and Ilya Grishchenko and Gururaj Saileshwar and Aastha Mehta and David Lie},
 booktitle = {{USENIX Security}},
 title = {Relocate-Vote: Using Sparsity Information to Exploit Ciphertext Side-Channels},
 year = {2025}
}

@inproceedings{yang2015protecting,
 author = {Yang, Yang and Guan, Zhi and Liu, Zhe and Chen, Zhong},
 booktitle = {ICICS},
 title = {Protecting Elliptic Curve Cryptography Against Memory Disclosure Attacks},
 year = {2015}
}

@article{yang2021plcrypto,
 author = {Yang, Zheng and Bao, Zhiting and Jin, Chenglu and Liu, Zhe and Zhou, Jianying},
 journal = {IACR Transactions on Symmetric Cryptology},
 title = {PLCrypto: A symmetric cryptographic library for programmable logic controllers},
 year = {2021}
}

@inproceedings{Yao2020Deephammer,
 author = {Fan Yao and Adnan Siraj Rakin and Deliang Fan},
 booktitle = {USENIX Security Symposium},
 title = {{DeepHammer}: Depleting the Intelligence of Deep Neural Networks through Targeted Chain of Bit Flips},
 year = {2020}
}

@inproceedings{Yarom2014Flush,
 author = {Yarom, Yuval and Falkner, Katrina},
 booktitle = {USENIX Security Symposium},
 title = {{Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack}},
 year = {2014}
}

@article{Yarom2014recovering,
 author = {Yarom, Yuval and Benger, Naomi},
 journal = {Cryptology ePrint Archive, Report 2014/140},
 title = {{Recovering OpenSSL ECDSA Nonces Using the FLUSH+ RELOAD Cache Side-channel Attack}},
 year = {2014}
}

@article{Yarom2015iacr,
 author = {Yarom, Yuval and Ge, Qian and Liu, Fangfei and Lee, Ruby B. and Heiser, Gernot},
 journal = {Cryptology ePrint Archive, Report 2015/905},
 title = {{Mapping the Intel Last-Level Cache}},
 year = {2015}
}

@misc{Yarom2016mastik,
 author = {Yarom, Yuval},
 title = {{Mastik: A Micro-Architectural Side-Channel Toolkit}},
 url = {https://cs.adelaide.edu.au/~yval/Mastik/},
 year = {2016}
}

@article{Yarom2017cachebleed,
 author = {Yarom, Yuval and Genkin, Daniel and Heninger, Nadia},
 journal = {JCEN},
 title = {{CacheBleed: A Timing Attack on OpenSSL Constant Time RSA}},
 year = {2017}
}

@inproceedings{yarvin1993anonymous,
 author = {Yarvin, Curtis and Bukowski, Richard and Anderson, Thomas},
 booktitle = {USENIX Summer},
 title = {Anonymous RPC: Low-Latency Protection in a 64-Bit Address Space.},
 year = {1993}
}

@inproceedings{ye2014coloris,
 author = {Ye, Ying and West, Richard and Cheng, Zhuoqun and Li, Ye},
 booktitle = {PACT},
 title = {{Coloris: a dynamic cache partitioning system using page coloring}},
 year = {2014}
}

@inproceedings{yee2009native,
 author = {Yee, Bennet and Sehr, David and Dardyk, Gregory and Chen, J Bradley and Muth, Robert and Ormandy, Tavis and Okasaka, Shiki and Narula, Neha and Fullagar, Nicholas},
 booktitle = {2009 30th IEEE Symposium on Security and Privacy},
 organization = {IEEE},
 pages = {79--93},
 title = {Native client: A sandbox for portable, untrusted x86 native code},
 year = {2009}
}

@inproceedings{Yeh1991,
 author = {Yeh, Tse-Yu and Patt, Yale N},
 booktitle = {Proceedings of the 24th annual international symposium on Microarchitecture},
 organization = {ACM},
 pages = {51--61},
 title = {Two-level adaptive training branch prediction},
 year = {1991}
}

@article{Yen2000Fault,
 author = {Yen, Sung-Ming and Joye, Marc},
 journal = {IEEE Transactions on computers},
 title = {Checking before output may not be enough against fault-based cryptanalysis},
 volume = {49},
 year = {2000}
}

@article{Ylonen2006,
 author = {Ylonen, Tatu and Lonvick, Chris},
 title = {{The secure shell (SSH) protocol architecture}},
 year = {2006}
}

@inproceedings{Yoo2013,
 author = {Yoo, Richard M and Hughes, Christopher J and Lai, Konrad and Rajwar, Ravi},
 booktitle = {International Conference on High Performance Computing, Networking, Storage and Analysis},
 title = {{Performance evaluation of Intel{\textregistered} transactional synchronization extensions for high-performance computing}},
 year = {2013}
}

@book{Yosifovich2017,
 author = {Pavel Yosifovich and Alex Ionescu and Mark E. Russinovich and David A. Solomon},
 edition = {7},
 publisher = {Microsoft Press},
 title = {Windows Internals Part 1},
 year = {2017}
}

@inproceedings{You2010malware,
 author = {You, Ilsun and Yim, Kangbin},
 booktitle = {Broadband, Wireless Computing, Communication and Applications},
 title = {Malware obfuscation techniques: A brief survey},
 year = {2010}
}

@inproceedings{you2019mrloc,
 author = {You, Jung Min and Yang, Joon-Sung},
 booktitle = {DAC},
 title = {MRLoc: Mitigating Row-hammering based on memory Locality},
 year = {2019}
}

@inproceedings{Younan2015,
 author = {Younan, Yves},
 booktitle = {{NDSS'15}},
 title = {{FreeSentry: protecting against use-after-free vulnerabilities due to dangling pointers.}},
 year = {2015}
}

@article{Young2002,
 author = {Young, J},
 journal = {CRYPTOME},
 title = {{NSA tempest documents}},
 year = {2002}
}

@inproceedings{young2019true,
 author = {Young, Ethan G and Zhu, Pengfei and Caraza-Harter, Tyler and Arpaci-Dusseau, Andrea C and Arpaci-Dusseau, Remzi H},
 booktitle = {11th $\{$USENIX$\}$ Workshop on Hot Topics in Cloud Computing (HotCloud 19)},
 title = {The true cost of containing: A gVisor case study},
 year = {2019}
}

@inproceedings{Yu2005,
 author = {Yu, Yuan and Rodeheffer, Tom and Chen, Wei},
 booktitle = {SOSP },
 title = {RaceTrack: Efficient Detection of Data Race Conditions via Adaptive Tracking},
 year = {2005}
}

@inproceedings{Yu2007javascript,
 author = {Yu, Dachuan and Chander, Ajay and Islam, Nayeem and Serikov, Igor},
 booktitle = {{ACM SIGPLAN Notices}},
 title = {{JavaScript instrumentation for browser security}},
 year = {2007}
}

@article{yu2018data,
 author = {Yu, Jiyong and Hsiung, Lucas and El Hajj, Mohamad and Fletcher, Christopher W},
 journal = {Cryptology ePrint Archive},
 title = {Data oblivious ISA extensions for side channel-resistant and high performance computing},
 year = {2018}
}

@inproceedings{Yu2019data,
 author = {Yu, Jiyong and Hsiung, Lucas and El Hajj, Mohamad and Fletcher, Christopher W},
 booktitle = {NDSS},
 title = {{Data Oblivious ISA Extensions for Side Channel-Resistant and High Performance Computing}},
 year = {2019}
}

@inproceedings{Yu2019speculative,
 author = {Yu, Jiyong and Yan, Mengjia and Khyzha, Artem and Morrison, Adam and Torrellas, Josep and Fletcher, Christopher W},
 booktitle = {MICRO},
 title = {Speculative Taint Tracking (STT) A Comprehensive Protection for Speculatively Accessed Data},
 year = {2019}
}

@inproceedings{Yu2023Synchronization,
 author = {Yu, Jiyong and Dutta, Aishani and Jaeger, Trent and Kohlbrenner, David and Fletcher, Christopher W},
 booktitle = {USENIX Security},
 title = {{Synchronization Storage Channels ($S^2C$): Timer-less Cache Side-Channel Attacks on the Apple M1 via Hardware Synchronization Instructions}},
 year = {2023}
}

@inproceedings{Yuan2022AutoSCA,
 author = {Yuanyuan yuan and Qi Pang and Shuai Wang },
 booktitle = {USENIX Security},
 title = {{Automated Side Channel Analysis of Media Software with Manifold Learning}},
 year = {2022}
}

@misc{Zacharopoulos2015,
 author = {Zacharopoulos, Georgios},
 howpublished = {Examensarbete, Uppsala Universitet},
 title = {{Employing Hardware Transactional Memory in Prefetching for Energy Efficiency}},
 year = {2015}
}

@inproceedings{Zagieboylo2019,
 author = {Zagieboylo, Drew and Suh, G Edward and Myers, Andrew C},
 booktitle = {CSF},
 title = {Using information flow to design an isa that controls timing channels},
 year = {2019}
}

@misc{Zalewski2014afl,
 author = {Zalewski, Michal},
 title = {Technical "whitepaper" for afl-fuzz},
 url = {http://lcamtuf.coredump.cx/afl/technical\_details.txt},
 year = {2014}
}

@misc{Zalewski2015,
 author = {Zalewski, Michal},
 title = {{American fuzzy lop}},
 year = {2015}
}

@inproceedings{Zander2008,
 author = {Zander, Sebastian and Murdoch, Steven J},
 booktitle = {USENIX Security Symposium},
 title = {{An Improved Clock-skew Measurement Technique for Revealing Hidden Services}},
 year = {2008}
}

@inproceedings{Zeitouni2018,
 author = {Zeitouni, Shaza and Gens, David and Sadeghi, Ahmad-Reza},
 booktitle = {DAC},
 title = {It's hammer time: how to attack (rowhammer-based) dram-pufs},
 year = {2018}
}

@misc{Zeng2012,
 author = {Thomas M. Zeng},
 title = {The Android ION memory allocator},
 url = {https://lwn.net/Articles/480055/},
 year = {2012}
}

@inproceedings{Zeng2023Retspill,
 author = {Zeng, Kyle and Lin, Zhenpeng and Lu, Kangjie and Xing, Xinyu and Wang, Ruoyu and Doup\'{e}, Adam and Shoshitaishvili, Yan and Bao, Tiffany},
 booktitle = {CCS},
 title = {RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections},
 year = {2023}
}

@inproceedings{Zhang2009,
 author = {Kehuan Zhang and XiaoFeng Wang},
 booktitle = {{USENIX Security Symposium}},
 title = {{Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems}},
 year = {2009}
}

@inproceedings{Zhang2009pagecoloring,
 author = {Zhang, Xiao and Dwarkadas, Sandhya and Shen, Kai},
 booktitle = {{EuroSys}},
 title = {Towards Practical Page Coloring-Based Multicore Cache Management},
 year = {2009}
}

@inproceedings{Zhang2011,
 author = {Zhang, Yinqian and Juels, Ari and Oprea, Alina and Reiter, Michael K.},
 booktitle = {S\&P},
 title = {{HomeAlone: Co-residency Detection in the Cloud via Side-Channel Analysis}},
 year = {2011}
}

@inproceedings{Zhang2012,
 author = {Zhang, Yinqian and Juels, Ari and Reiter, Michael K. and Ristenpart, Thomas},
 booktitle = {CCS},
 title = {{Cross-VM Side Channels and Their Use to Extract Private Keys}},
 year = {2012}
}

@inproceedings{Zhang2013,
 author = {Zhang, Yinqian and Reiter, MK},
 booktitle = {CCS},
 title = {{D\"{u}ppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud}},
 year = {2013}
}

@inproceedings{zhang2013side,
 author = {Zhang, Tianwei and Liu, Fangfei and Chen, Si and Lee, Ruby B},
 booktitle = {HASP},
 title = {{Side channel vulnerability metrics: the promise and the pitfalls}},
 year = {2013}
}

@inproceedings{Zhang2014,
 author = {Zhang, Yinqian and Juels, Ari and Reiter, Michael K. and Ristenpart, Thomas},
 booktitle = {CCS},
 title = {{Cross-Tenant Side-Channel Attacks in PaaS Clouds}},
 year = {2014}
}

@inproceedings{Zhang2016CloudRadar,
 author = {Zhang, Tianwei and Zhang, Yinqian and Lee, Ruby B.},
 booktitle = {RAID},
 title = {CloudRadar: A Real-Time Side-Channel Attack Detection System in Clouds},
 year = {2016}
}

@incollection{Zhang2016comprehensive,
 author = {Zhang, Weijuan and Jia, Xiaoqi and Wang, Chang and Zhang, Shengzhi and Huang, Qingjia and Wang, Mingsheng and Liu, Peng},
 booktitle = {Information and Communications Security},
 publisher = {Springer},
 title = {A Comprehensive Study of Co-residence Threat in Multi-tenant Public PaaS Clouds},
 year = {2016}
}

@inproceedings{Zhang2016ROPFR,
 author = {Zhang, Xiaokuan and Xiao, Yuan and Zhang, Yinqian},
 booktitle = {{CCS}},
 title = {{Return-oriented flush-reload side channels on arm and their implications for android devices}},
 year = {2016}
}

@article{Zhang2016TruSpy,
 author = {Zhang, Ning and Sun, Kun and Shands, Deborah and Lou, Wenjing and Hou, Y Thomas},
 journal = {IACR Cryptology ePrint Archive},
 pages = {980},
 title = {{TruSpy: Cache Side-Channel Information Leakage from the Secure World on ARM Devices}},
 volume = {2016},
 year = {2016}
}

@inproceedings{Zhang2018,
 author = {Zhang, Tianwei and Zhang, Yinqian and Lee, Ruby B},
 booktitle = {{ACSAC}},
 title = {{Analyzing Cache Side Channels Using Deep Neural Networks}},
 year = {2018}
}

@article{Zhang2019telehammer,
 author = {Zhang, Zhi and Cheng, Yueqiang and Liu, Dongxi and Nepal, Surya and Wang, Zhi},
 journal = {arXiv:1912.03076},
 title = {{TeleHammer: Cross-Privilege-Boundary Rowhammer through Implicit Accesses}},
 year = {2019}
}

@misc{Zhang2019XOM,
 author = {Mingwei Zhang},
 title = {{XOM-Switch}},
 url = {https://github.com/intel/xom-switch},
 year = {2019}
}

@inproceedings{Zhang2020exploring,
 author = {Zhang, Tao and Koltermann, Kenneth and Evtyushkin, Dmitry},
 booktitle = {ASPLOS},
 title = {Exploring Branch Predictors for Constructing Transient Execution Trojans},
 year = {2020}
}

@article{Zhang2020GhostKnight,
 author = {Zhang, Zhi and Cheng, Yueqiang and Zhang, Yinqian and Nepal, Surya},
 journal = {arXiv:2002.00524},
 title = {{GhostKnight: Breaching Data Integrity via Speculative Execution}},
 year = {2020}
}

@inproceedings{zhang2020klotski,
 author = {Zhang, Pan and Song, Chengyu and Yin, Heng and Zou, Deqing and Shi
, Elaine and Jin, Hai},
 booktitle = {International Conference on
Architectural Support for Programming Languages and Operating
Systems},
 title = {Klotski: Efficient obfuscated execution against controlled-channel
attacks},
 year = {2020}
}

@inproceedings{Zhang2021see,
 author = {Zhang, Zeyu and Zhang, Xiaoli and Li, Qi and Sun, Kun and Zhang, Yinqian and Liu, Songsong and Liu, Yukun and Li, Xiaoning},
 booktitle = {AsiaCCS},
 title = {{See through Walls: Detecting Malware in SGX Enclaves with SGX-Bouncer}},
 year = {2021}
}

@inproceedings{Zhang2021Stbpu,
 author = {Zhang, Tao and Lesch, Timothy and Koltermann, Kenneth and Evtyushkin, Dmitry},
 booktitle = {DSN},
 title = {{STBPU: A Reasonably Secure Branch Prediction Unit}},
 year = {2022}
}

@inproceedings{zhang2022softtrr,
 author = {Zhang, Zhi and Cheng, Yueqiang and Wang, Minghua and He, Wei and Wang, Wenhao and Nepal, Surya and Gao, Yansong and Li, Kang and Wang, Zhe and Wu, Chenggang},
 booktitle = {USENIX ATC},
 title = {{SoftTRR}: Protect Page Tables against Rowhammer Attacks using Software-only Target Row Refresh},
 year = {2022}
}

@inproceedings{zhang2023bunnyhop,
 author = {Zhang, Zhiyuan and Tao, Mingtian and O'Connell, Sioli and Chuengsatiansup, Chitchanok and Genkin, Daniel and Yarom, Yuval},
 booktitle = {USENIX Security Symposium},
 title = {{BunnyHop: Exploiting the Instruction Prefetcher}},
 year = {2023}
}

@inproceedings{Zhang2023MWAIT,
 author = {Ruiyi Zhang and Taehyun Kim and Daniel Weber and Michael Schwarz},
 booktitle = {{USENIX Security}},
 title = {{(M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channels}},
 year = {2023}
}

@inproceedings{Zhang2024CacheWarp,
 author = {Ruiyi Zhang and Lukas Gerlach and Daniel Weber and Lorenz Hetterich and Youheng L\"u and Andreas Kogler and Michael Schwarz},
 booktitle = {USENIX Security},
 title = {{CacheWarp: Software-based Fault Injection using Selective State Reset}},
 year = {2024}
}

@inproceedings{Zhang2024Demystifying,
 author = {Zhiyuan Zhang and Zhenzhi Lai and Udaya Parampalli},
 booktitle = {ACSAC},
 title = {{R+R: Demystifying ML-Assisted Side-Channel Analysis Framework: A Case of Image Reconstruction}},
 year = {2024}
}

@article{zhang2025conboom,
 article-number = {850},
 author = {Zhang, Zhewen and Liu, Yao and She, Yuhan and Sanka, Abdurrashid Ibrahim and Hung, Patrick S. Y. and Cheung, Ray C. C.},
 doi = {10.3390/electronics14050850},
 issn = {2079-9292},
 journal = {Electronics},
 number = {5},
 title = {ConBOOM: A Configurable CPU Microarchitecture for Speculative Covert Channel Mitigation},
 volume = {14},
 year = {2025}
}

@article{Zhang2025Farfetchd,
 author = {Zhang, Ruiyi and Cheu, Albert and Gascon, Adria and Moghimi, Daniel and Schoppmann, Phillipp and Schwarz, Michael and Suciu, Octavian},
 journal = {arXiv preprint arXiv:2506.15924},
 title = {FARFETCH'D: A Side-Channel Analysis Framework for Privacy Applications on Confidential Virtual Machines},
 year = {2025}
}

@article{Zhang2025StackWarp,
 author = {Ruiyi Zhang and Tristan Hornetz and Daniel Weber and Fabian Thomas and Michael Schwarz},
 journal = {TBD},
 title = {{StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU's Stack Engine}},
 year = {2025}
}

@inproceedings{Zhang2025Taming,
 author = {Ruiyi Zhang and Tristan Hornetz and Lukas Gerlach and Michael Schwarz},
 booktitle = {DIMVA},
 title = {{Taming the Linux Memory Allocator for Rapid Prototyping}},
 year = {2025}
}

@article{Zhao2009cache,
 author = {Zhao, Xin-jie and Wang, Tao and Zheng, Yuanyuan},
 howpublished = {Cryptology ePrint Archive, Report 2009/354},
 title = {{Cache Timing Attacks on Camellia Block Cipher.}},
 year = {2009}
}

@article{zhao2010pipa,
 author = {Zhao, Qin and Cutcutache, Ioana and Wong, Weng-Fai},
 journal = {ACM Transactions on Architecture and Code Optimization},
 title = {Pipa: Pipelined profiling and analysis on multicore systems},
 year = {2010}
}

@inproceedings{Zhao2018,
 author = {Zhao, Mark and Suh, G Edward},
 booktitle = {S\&P},
 title = {{FPGA-based Remote Power Side-Channel Attacks}},
 year = {2018}
}

@inproceedings{Zhao2018fpga,
 author = {Zhao, Mark and Suh, G Edward},
 booktitle = {2018 IEEE Symposium on Security and Privacy (SP)},
 organization = {IEEE},
 pages = {229--244},
 title = {FPGA-based remote power side-channel attacks},
 year = {2018}
}

@inproceedings{Zhao2019,
 author = {Zhao, Shijun and Zhang, Qianying and Qin, Yu and Feng, Wei and Feng, Dengguo},
 booktitle = {{CCS}},
 title = {{SecTEE: A Software-based Approach to Secure Enclave Architecture Using TEE}},
 year = {2019}
}

@article{Zhao2020,
 author = {Zhao, Lutan and Li, Peinan and Hou, Rui and Li, Jiazhen and Huang, Michael C and Zhang, Lixin and Qian, Xuehai and Meng, Dan},
 journal = {arXiv:2005.08183},
 title = {{A Lightweight Isolation Mechanism for Secure Branch Predictors}},
 year = {2020}
}

@inproceedings{Zhao2020mptee,
 author = {Zhao, Wenjia and Lu, Kangjie and Qi, Yong and Qi, Saiyu},
 booktitle = {Proceedings of the Fifteenth European Conference on Computer Systems},
 pages = {1--15},
 title = {MPTEE: bringing flexible and efficient memory protection to Intel SGX},
 year = {2020}
}

@inproceedings{zhao2020sonicboom,
 author = {Zhao, Jerry and Korpan, Ben and Gonzalez, Abraham and Asanovic, Krste},
 booktitle = {Fourth Workshop on Computer Architecture Research with RISC-V},
 title = {{Sonicboom: The 3rd generation berkeley out-of-order machine}},
 year = {2020}
}

@inproceedings{Zhao2020Survey,
 author = {Zhao, Songyin and Wang, Xu An},
 booktitle = {Advances on Broad-Band Wireless Computing, Communication and Applications},
 title = {A Survey of Malicious HID Devices},
 year = {2020}
}

@inproceedings{Zhao2022binoculars,
 author = {Zhao, Zirui Neil and Morrison, Adam and Fletcher, Christopher W and Torrellas, Josep},
 booktitle = {USENIX Security Symposium},
 title = {Binoculars: Contention-Based Side-Channel Attacks Exploiting the Page Walker},
 year = {2022}
}

@inproceedings{Zheng2019CBA,
 author = {Zheng, Beilei and Gu, Jianan and Weng, Chuliang},
 booktitle = {International Symposium on Advanced Parallel Processing Technologies},
 title = {{CBA-Detector: An Accurate Detector Against Cache-Based Attacks Using HPCs and Pintools}},
 year = {2019}
}

@inproceedings{Zhou2011,
 author = {Zhou, Fangfei and Goel, Manish and Desnoyers, Peter and Sundaram, Ravi},
 booktitle = {Proceedings of the 10th IEEE International Symposium on Network Computing and Applications (NCA'11)},
 pages = {1--23},
 title = {{Scheduler vulnerabilities and attacks in cloud computing}},
 year = {2011}
}

@inproceedings{Zhou2014HDROP,
 author = {Hongwei Zhou and Xin Wu and Wenchang Shi and Jinhui Yuan and Bin Liang},
 booktitle = {ISPEC},
 title = {HDROP: Detecting ROP Attacks Using Performance Monitoring Counters},
 year = {2014}
}

@inproceedings{Zhou2018Hardware,
 author = {Zhou, Boyou and Gupta, Anmol and Jahanshahi, Rasoul and Egele, Manuel and Joshi, Ajay},
 booktitle = {Proceedings of the 2018 on Asia Conference on Computer and Communications Security},
 pages = {457--468},
 title = {Hardware performance counters can detect malware: Myth or fact?},
 year = {2018}
}

@inproceedings{Zhu2018,
 author = {Zhu, Jianping and Song, Wei and Zhu, Ziyuan and Ying, Jiameng and Li, Boya and Tu, Bibo and Shi, Gang and Hou, Rui and Meng, Dan},
 booktitle = {{Proceedings of the 1st Workshop on Security-Oriented Designs of Computer Architectures and Processors}},
 organization = {{ACM}},
 title = {{CPU Security Benchmark}},
 year = {2018}
}

@article{zhu2021lic,
 author = {Zhu, Hui and Gehrmann, Christian},
 journal = {JISA},
 title = {{Lic-Sec: an enhanced AppArmor Docker security profile generator}},
 year = {2021}
}

@misc{Zijlstra2019tsxabort,
 author = {Zijlstra, Peter},
 title = {{Implement support for TSX Force Abort}},
 url = {https://lkml.org/lkml/2019/3/12/1352},
 year = {2019}
}

@book{zimmermann1995pgp,
 author = {Zimmermann, Philip R},
 title = {The official PGP user's guide},
 year = {1995}
}

@inproceedings{zinzindohoue2017hacl,
 author = {Zinzindohou{\'e}, Jean-Karim and Bhargavan, Karthikeyan and Protzenko, Jonathan and Beurdouche, Benjamin},
 booktitle = {CCS},
 title = {{HACL*}: A verified modern cryptographic library},
 year = {2017}
}

@misc{ZombieloadGithub,
 author = {IAIK},
 title = {{ZombieLoad PoC (GitHub)}},
 url = {https://github.com/IAIK/ZombieLoad},
 year = {2019}
}